Electronic commerce system and electronic commerce method

ABSTRACT

A message, including ordering data regarding a price of a product that a purchaser wants to purchase and personal information including a credit card number of the purchaser, is given to a settlement agency computer from a purchaser computer used by the purchaser. The settlement agency computer determines whether to pay for the product for the purchaser, based on the ordering data and the personal information. In a case where it is determined to pay for the product for the purchaser, the settlement agency computer sends settlement permission information representing that payment can be made for the purchaser, to a seller computer used by a seller, while keeping the credit card number to be confidential. Hence, before delivering the product to the purchaser, the settlement is completed, and the credit card number of the purchaser is kept secret from the seller.

BACKGROUND OF THE INVENTION

[0001] 1. Field of the Invention

[0002] The present invention relates to an electronic commerce systemand electronic commerce method, to be used by at least one purchaser, aseller and a settlement agency.

[0003] 2. Description of the Related Art

[0004] For example, U.S. Patent Publication No. 6,016,484 (System,Method and Articles of Manufacture for Network Electronic PaymentInstrument and Certification of Payment and Credit Collection Utilizinga Payment) discloses a technique regarding digital money. The disclosureof the this publication is herein incorporated by reference in thisspecification.

[0005] As the Internet is widely used, there are various kinds ofelectronic commerce systems conducted over the Internet. One kind ofelectronic commerce system is for conducting electronic commerce using apredetermined calculation system and the Internet. There are two typesof settlement, one of which is “prepaid settlement” and the other ofwhich is “deferred payment”, in the electronic settlement on theInternet. The typical example of the “prepaid settlement” includes aprepaid-card payment method, while the typical example of the “deferredpayment” includes a credit-card payment method.

[0006] In the prepaid-card payment method, the user (purchaser) pays apredetermined amount of money to a prepaid-card issuer, and the sellerallows the purchaser to purchase goods in the range of the paid amountof money. In the “prepaid settlement”, the settlement can be made eachtime a business transaction is done. In addition, in the “prepaidsettlement”, the user may possibly leave a certain amount of moneywithout spending all. In the case where the prepaid-card company isbankrupted, the user may not be able to get back the money that the userhas not spent yet.

[0007] Such a problem does not occur in the “deferred payment” methodemploying the credit card, etc. In the “deferred payment” method, thepurchaser decides the goods to purchase first, and then the settlementwill be made for the total price of the goods, in accordance with thenumber affixed to the credit card of possessed by the purchaser.

[0008] Those techniques regarding the deferred payment method employingthe credit card are disclosed in: Unexamined Japanese Patent ApplicationKOKAI Publication No. H11-353382; Unexamined Japanese Patent ApplicationKOKAI Publication No. H11-345264; U.S. Pat. No. 5,317,636 (Method andApparatus for Securing Credit Card Transactions); U.S. Pat. No.5,671,279 (Electronic Commerce Using a Secure Courier System); U.S. Pat.No. 5,715,399 (Secure Method and System for Communicating a List ofCredit Card Numbers Over a Non-secure Network); U.S. Pat. No. 5,724,424(Digital Active Advertising); U.S. Pat. No. 5,727,163 (Secure Method forCommunicating Credit Card Data When Placing an Order on a Non-secureNetwork); and U.S. Pat. No. 6,023,682 (Method and Apparatus for CreditCard Purchase Authorization Utilizing a Comparison of a Purchase Tokenwith Test Information). The disclosure of the above publications areherein incorporated by reference in this specification.

[0009] There are various problems wherein the “deferred payment” methodusing the credit card is employed in the electronic commerce.Specifically, according to the “deferred payment” method, it isnecessary to transmit the number of the purchaser's credit card numberthrough the Internet, but the transmitted credit card number maypossibly be wiretapped by someone on the Internet. To securely transmitthe credit card number through the Internet, it is proposed to encryptinformation to be transmitted over the Internet. Those techniques forencrypting information includes SSL (Secure Socket Layer), SHTTP (SecureHyper Text Transfer Protocol), PEM (Privacy Enhancement for InternetElectronic Mail), MOSS (MIME Object Security Services), IPSP, etc.

[0010] Even if the credit card number is transmitted in the encryptedform, the electronic commerce method employing the credit card has thefollowing problems:

[0011] U.S. Pat. No. 5,727,163 discloses an electronic commercetechnique for performing electronic commerce over the Internet Accordingto this technique, when a user shops at an electronic mall, the user isto specify the goods to purchase, the delivery place and the paymentmethod so as to fill in an order sheet. At this time, the user is totransmit a part of his/her credit-card number but not in a completeform. Upon reception of the order sheet, a person in charge of theelectronic mall calls the user by dialing the phone number of the userwhich has been written in the order sheet beforehand. At this time, theuser is asked to input his/her phone number by pressing the dial of thetelephone. Then, the system of the electronic mall compares the inputnumber and the number written in the order sheet. As a result of thecomparison, in the case where the input number coincides with the numberof the order sheet, the order is succeeded.

[0012] Unexamined Japanese Patent Application KOKAI Publication No.H11-345264 discloses an electronic commerce technique. According to thistechnique, to perform the settlement of the bill using a credit card,there is employed a mobile communications terminal having a system fortransmitting the transmitter number, instead of using a credit inquirycommunications device.

[0013] Even with the above technique wherein the credit card number cannot securely be transmitted, there still remains a problem for thepurchaser. According to this technique, the purchaser provides theseller with his/her credit-card number. That is, the purchaser has togive the seller the credit card number, together with the purchaser'spersonal information including his/her name, address, phone number, etc.Thus, it is possible that the credit card number is used by the sellerfor some unintended purposes. In addition, in the case where thepersonal information is sold to the third party after the seller isbankrupted or something, the purchaser can have serious problems.

[0014] U.S. Pat. No. 5,671,279 discloses an electronic commercetechnique. According to this technique, the purchaser sends his/hercredit-card number after being encrypted, the seller sends the encryptedcredit card number to a settlement agency, and the settlement agencyexamines whether the settlement can be made for the purchaser. Even withthis technique, the purchaser's credit card number can still be kept bythe seller.

[0015] The most secure electronic commerce method is that the purchaserdoes not let the seller know his/her credit card number, and stillpurchases the desired goods.

[0016] U.S. Pat. No. 5,724,424 discloses such a technique for performingelectronic commerce while the purchaser's credit-card number is notavailable to the seller. According to this technique, the purchaserattaches his/her credit card number to the order sheet, and sends theorder sheet to the settlement agency through the Internet. When thesettlement agency allows the payment to be made, the agency issues apayment permit to the purchaser. Then, the purchaser sends the permitand the order sheet to the seller using the Internet.

[0017] However, according to this method, in the case where thepurchaser has malice, it involves the financial risk for the seller orsettlement agency. For example, there is a purchaser who can purchasegoods or services at maximum of “¥50,000” at each business transaction.This purchaser may make alteration in the order sheet for goods orservices of ¥500,000, and rewrites “¥500,000” to “¥50,000”, and gets apermit from the settlement agency for the goods or services of“¥500,000” at the price of “¥50,000”. Then, the purchaser provides theseller with the permit including the order sheet of ¥500,000. Withoutany suspiciousness, the seller may deliver the ordered goods to thepurchaser. Unfortunately, the seller gets only ¥50,000 for the deliveredgoods afterwards. Alternatively, the user having malice may forge thepermit itself.

[0018] The above publication simply describes the permit issued by thesettlement agency as one which can not be altered, and does not disclosea specific technique for forming the permit. In any technique, even ifthe permit is encrypted, as long as the user is malicious, the permitmay still possibly be altered. In order to completely eliminate thispossibility, it is necessary not to provide the purchaser with thepermit.

[0019] Unexamined Japanese Patent Application KOKAI Publication No.H11-353382 discloses an electronic commerce system for realizing secureand economical electronic commerce. According to this technique, thepurchaser sends a purchaser ID number directly to the settlement agency,not via the seller. The seller forms settlement-agency data including aplurality of pieces of charge data for each purchaser at predeterminedintervals, and create settlement data in association with the formedsettlement-agency data. Then, the seller sends the settlement data tothe settlement agency, and sends to the purchaser the settlement-agencydata, as asking information for asking the purchaser to send theprovided ID number to the settlement agency. That is, the sellercalculates and settles the bill for each purchaser at predeterminedintervals, and instructs the purchaser to send the ID number to thesettlement agency. Hence, even according to this method, as long as thepurchaser is malicious, the electronic commerce according to this methodinvolves financial risk for the seller and settlement agency. Becausethe goods or services have already been provided to the purchaser, theseller can not be paid for the ordered goods or services unless thepurchaser has enough money to pay.

[0020] Further, there is disclosed a technique for realizing anelectronic settlement system and an electronic-commerce servicesprovider system. This relates to an electronic-settlement permissionsystem in the electronic commerce, such as the one-line shopping throughthe Internet. According to this technique, it is prevented to spread thepersonal information that should be kept unavailable to any third party,such as the credit card number, over the Internet. Further, thesettlement agency calls back the user terminal through a public network,so that the secure electronic commerce can be realized with ease. Thesettlement agency needs both of the settlement data provided from theseller and the ID number from the purchaser, to perform settlement.Hence, the terminal used by the settlement agency needs to storeinformation, having being input before both of the above information aretransmitted, in a predetermined memory area, so that a part of thememory area is mostly occupied by for nothing. Before the settlement issuccessfully performed, the settlement data and the transmission of theID number are transmitted separately, i.e. the transmission is done atleast twice. In this structure, the resources of the network are noteffectively used.

[0021] U.S. Pat. No. 5,317,636 discloses an electronic commerce method.According to this method, the smart card replaces the credit card, andan order number, representing how many business transactions will havebeen made including a currently-processed transaction, is encrypted andshown. This order number is used as a password of the credit card. Acomputer which is to perform the user authentication deciphers thepassword so as to obtain the order number, using a predetermined method.This computer authenticates the user by determining whether thedeciphered password coincides with one stored in the computer. Accordingto this method, it is necessary to prepare the smart card in place ofthe credit card, and the order number needs to be encrypted.

[0022] U.S. Pat. No. 5,671,279 discloses a technique for securelyperforming payment using the credit card, through a public telephoneline through which information may possibly be wiretapped. According tothis method, the user sends the encrypted credit-card number to theseller, and the seller sends the encrypted credit card number as is tothe settlement agency. Then, the settlement agency carries out the userauthentication process based on the sent credit card number. Accordingto his technique, even the credit card number is encrypted, the creditcard number is still given to the seller. Hence, it involves thefinancial risk for the purchaser.

[0023] U.S. Pat. No. 5,715,399 discloses an electronic commercetechnique. According to this technique, in the case where the electronicmall system has already obtained a plurality of credit cards of a userhaving currently ordered some goods to be purchased, the system asks theuser to select one of the plurality of credit cards for this-timetransaction. At this time, the credit card number is not fullydisplayed, but partially displayed. In this case, even if the thirdparty reads the credit card number over the purchaser's shoulder, thecredit card number can not fully be recognized by the third party.However, the credit card number has already been given to the electronicmall system in its complete form, so that this system may possiblyinvolve the financial risk for the purchaser.

SUMMARY OF THE INVENTION

[0024] The present invention has been made in consideration of theabove. It is accordingly an object of the present invention to provide asystem and method for realizing commerce or transaction without lettingseller know information of a purchaser(s), such as his/her credit cardinformation, debit card information, etc.

[0025] Another object thereof is to provide a system and method forrealizing commerce or transaction without any financial risk for aseller(s) or settlement agency(s).

[0026] Sill another object thereof is to provide a system and method forsecurely performing commerce or transaction.

[0027] To achieve the objects, according to the first aspect of thepresent invention, there is provided is an electronic commerce systemfor dealing at least one product (item, goods, or service), said systemcomprising a purchaser system, a seller system and a settlement system,and

[0028] wherein said seller system creates ordering data includingpurchaser information specifying at least one purchaser and informationspecifying the at least one product to be purchased, and sends thecreated ordering data to said purchaser system through an electronicmedium,

[0029] said purchaser system attaches, to the ordering data, purchaserID (identification) information which has been provided from asettlement agency to said at least one purchaser in advance, and sendsthe ordering data with the purchaser ID information attached thereto tosaid settlement system through an electronic medium, and

[0030] said settlement system determines whether to pay a predeterminedamount of money for the at least one product to a seller for said atleast one purchaser, based on the ordering data and purchaser IDinformation sent from said purchaser system, and sends informationspecifying the at least one purchaser and the product to be purchasedand also settlement permission information representing to said sellersystem through an electronic medium.

[0031] According to the second aspect of the present invention, there isprovided is an electronic commerce device comprising:

[0032] a communications unit which sends and receives data to and fromanother electronic commerce device;

[0033] a payment determiner which receives ordering data including priceinformation representing a price of at least one product to be purchasedand personal information including purchaser ID (identification)information which has been given in advance to at least one purchaser,from a purchaser terminal used by the at least one purchaser throughsaid communications unit, and determines whether to pay for the at leastone product to a seller for the at least one purchaser based on thereceived ordering data and personal information; and

[0034] a settlement-information creator which creates (generates)settlement permission information, in a case where said paymentdeterminer determines to pay for the at least one product to said sellerfor the at least one purchaser, and sends the settlement permissioninformation to a seller terminal used by the seller through saidcommunications unit while the personal information of the at least onepurchaser is kept secret from the seller.

[0035] To achieve the objects, according to the third aspect of thepresent invention, there is provided is an electronic commerce devicecomprising:

[0036] an ordering-data creator which creates ordering data includingprice information of at least one product that at least one purchaserwants to purchase;

[0037] a recorder which writes the ordering data onto a recordingmedium, to provide a purchaser terminal used by at least one purchaserwith the ordering data; and

[0038] a receiver which receives settlement permission information andprovides a seller to be providing the at least one product with thereceived settlement permission information, in a case where it isdetermined that the settlement agency is to pay for the at least oneproduct and in a case where an agency terminal used by a settlementagency outputs the settlement permission information, based on datacommunications performed between the purchaser terminal which reads theordering data written onto the recording medium and the agency terminalused by the settlement agency which may pay for the at least one productfor the purchaser.

[0039] To achieve the objects, according to the fourth aspect of thepresent invention, there is provided is an electronic commerce devicecomprising:

[0040] an ordering-data creator which creates ordering data includingprice information of at least one product that at least one purchaserdesires to purchase, in a case where product information representingthe at least one product is input;

[0041] a sender which sends the ordering data to a purchaser terminalused by the at least one purchaser; and

[0042] a receiver which receives settlement permission information andprovides a seller to be providing the at least one product with thereceived settlement permission information, in a case where it isdetermined that a settlement agency is to pay for the at least oneproduct and a settlement terminal used by the settlement agency outputsthe settlement permission information, based on data communicationsperformed between a purchaser terminal used by the at least onepurchaser and the settlement terminal used by the settlement agency tobe paying for the at least one product.

[0043] To achieve the objects, according to the fifth aspect of thepresent invention, there is provided is an electronic commerce devicecomprising:

[0044] an input unit which inputs ordering data, which is created by aseller terminal used by a seller to be providing at least one productand which includes price information of the at least one product that atleast one purchaser desires to purchase, and personal informationincluding purchaser ID (identification) information which has been givenin advance to the at least one purchaser for credit sales; and

[0045] a settlement-request-message sender which creates a settlementrequest message including the personal information and the orderingdata, sends the created settlement request message to a settlementterminal used by a settlement agency which may pay the at least oneproduct to a seller for the purchaser, instructs said settlementterminal to determine whether to pay for the at least one product forthe purchaser, and instructs said settlement terminal to send settlementpermission information to said seller terminal while the personalinformation is kept secret from the seller, in a case where it isdetermined to pay for the at least one product for the purchaser.

[0046] To achieve the objects, according to the sixth aspect of thepresent invention, there is provided is an electronic commerce devicecomprising:

[0047] an ordering-data creator which creates ordering data includingprice information of at least one product that at least one purchaserdesires to purchase, in a case where the at least one purchaser inputsproduct information of the at least one product;

[0048] an ordering-data provider which sends the ordering data to apurchaser terminal, which is used by the at least one purchaser andaffixes personal information including purchaser ID (identification)information provided to the at least one purchaser in advance for creditsales; and

[0049] a reception processor which receives data items includingsettlement permission information representing that the at least oneproduct is to be paid for the purchaser, and provides the settlementpermission information a seller of the at least one product, in a casewhere the data items are sent form a settlement terminal used by asettlement agency to be paying for the at least one product for thepurchaser, as a result that the ordering data is provided to thepurchaser terminal.

[0050] To achieve the objects, according to the eighth aspect of thepresent invention, there is provided is a system comprising a purchasersystem, a seller system, a payment agency system and an ID(identification) information issuing system, and

[0051] wherein a payment agency provides at least one purchaser of atleast one product with credit information and ID informationcorresponding to the at least one purchaser;

[0052] said purchaser system sends ID information to said ID informationissuing system, and requests said ID information issuing system forone-time ID information, and sends the one-time ID information providedfrom the ID information issuing system to the seller system;

[0053] said ID information issuing system issues one-time identificationinformation, in response to a request from said purchaser system,provides corresponding information representing the one-time IDinformation and the ID information in association with each other tosaid payment agency system;

[0054] said seller system sends the one-time ID information sent fromsaid purchaser system to said payment agency system, so as to requestsaid payment agency system to pay for the at least one product for theat least one purchaser; and

[0055] said payment agency system determines ID information of the atleast one purchaser based on the one-time ID information sent from theseller system, determines whether to pay for the at least one productbased on the determined ID information, and sends a result of thedetermination to the seller system.

[0056] To achieve the objects, according to the ninth aspect of thepresent invention, there is provided is a one-time ID (identification)information issuing system to be used in a transaction wherein: aone-time ID information is issued to a person who is assigned IDinformation for payment previously from a payment agency; the issuedone-time ID information is sent to the parson and the payment agency;the person sends the issued one-time ID information to a seller in abusiness transaction; the seller sends the one-time ID information ofthe person to a payment agency; the payment agency obtains original IDinformation for payment of the person based on the sent one-time IDinformation and determines whether to pay to the seller for the businesstransaction based on the obtained original ID information for payment,and pays to the seller for the business transaction, in a case where itis determined to pay for the business transaction,

[0057] said one-time ID information issuing system comprising:

[0058] storage means for storing ID information for payment previouslyassigned to a user, and

[0059] one-time ID information providing means for issuing the one-timeID information toward the user in response to a request, having IDinformation attached thereto and being sent from a terminal of the user,providing the one-time ID information to the user, and providing apayment agency system with corresponding information representing theone-time ID information and the ID information in association with eachother.

[0060] To achieve the objects, according to the tenth aspect of thepresent invention, there is provided is a purchaser system to be used bya purchaser and to be used in a transaction wherein: a one-time IDinformation is issued to a person who is assigned ID information forpayment previously from a payment agency; the issued one-time IDinformation is sent to the parson and the payment agency; the personsends the issued one-time ID information to a seller in a businesstransaction; the seller sends the one-time ID information of the personto a payment agency; the payment agency obtains original ID informationfor payment of the person based on the sent one-time ID information anddetermines whether to pay to the seller for the business transactionbased on the obtained original ID information for payment, and pays tothe seller for the business transaction, in a case where it isdetermined to pay for the business transaction,

[0061] and said purchaser system comprising:

[0062] means for providing ID information for deferred payment,previously assigned to a user, and for requesting one-time IDinformation issuing means for issuing one-time ID information to issueone-time ID information; and

[0063] means for providing the issued one-time ID information, andrequest a system used by a seller to provide at least one product to besold.

[0064] To achieve the objects, according to the eleventh aspect of thepresent invention, there is provided is a seller system to be used by aseller and to be used in a transaction wherein: a one-time IDinformation is issued to a person who is assigned ID information forpayment previously from a payment agency; the issued one-time IDinformation is sent to the parson and the payment agency; the personsends the issued one-time ID information to a seller in a businesstransaction; the seller sends the one-time ID information of the personto a payment agency; the payment agency obtains original ID informationfor payment of the person based on the sent one-time ID information anddetermines whether to pay to the seller for the business transactionbased on the obtained original ID information for payment, and pays tothe seller for the business transaction, in a case where it isdetermined to pay for the business transaction,

[0065] said seller system comprising:

[0066] means for receiving one-time ID information sent from a purchaserwho desires to purchase at least one product in the businesstransaction, and providing the received one-time ID information topayment agency means; and

[0067] means for issuing a payment permit, upon reception of informationrepresenting that payment can be made for the purchaser from the paymentagency.

[0068] To achieve the objects, according to the twelfth aspect of thepresent invention, there is provided is a purchaser system to be used bya seller and to be used in a transaction wherein. a one-time IDinformation is issued to a person who is assigned ID information forpayment previously from a payment agency; the issued one-time IDinformation is sent to the parson and the payment agency; the personsends the issued one-time ID information to a seller in a businesstransaction; the seller sends the one-time ID information of the personto a payment agency; the payment agency obtains original ID informationfor payment of the person based on the sent one-time ID information anddetermines whether to pay to the seller for the business transactionbased on the obtained original ID information for payment, and pays tothe seller for the business transaction, in a case where it isdetermined to pay for the business transaction,

[0069] said seller system comprising

[0070] requesting means for requesting the payment agency to send IDinformation which is provided in advance together with credit forpayment to be made, and to affix the one-time ID information to the IDinformation;

[0071] means for receiving the one-time ID information to be providedfrom said payment agency; and

[0072] means for providing the one-time ID information and making anorder for at least one product in the business transaction.

[0073] To achieve the objects, according to the thirteenth aspect of thepresent invention, there is provided is a payment agency system to beused by a seller and to be used in a transaction wherein: a one-time IDinformation is issued to a person who is assigned ID information forpayment previously from a payment agency; the issued one-time IDinformation is sent to the parson and the payment agency; the personsends the issued one-time ID information to a seller in a businesstransaction; the seller sends the one-time ID information of the personto a payment agency; the payment agency obtains original ID informationfor payment of the person based on the sent one-time ID information anddetermines whether to pay to the seller for the business transactionbased on the obtained original ID information for payment, and pays tothe seller for the business transaction, in a case where it isdetermined to pay for the business transaction,

[0074] said payment agency system comprising:

[0075] storage means for storing the ID information and given-creditinformation of a user in association with each other;

[0076] means for receiving and storing the ID information andgiven-credit information in association with each other; and

[0077] determination means for receiving the one-time ID information andprice information regarding a price of at least one product in thebusiness transaction, from a seller system, discriminating IDinformation from the received one-time ID information, and determiningwhether currently-requested payment can be made based on given-creditinformation corresponding to the discriminated ID Information; and

[0078] means for sending a result of the determination performed by saiddetermination means to said seller system.

[0079] To achieve the objects, according to the fourteenth aspect of thepresent invention, there is provided is a method comprising:

[0080] an ordering-data receiving process of receiving ordering dataincluding price information representing a price of a target product tobe purchased and personal information including ID information which haspreviously been given to at least one purchaser for credit sales, via anetwork;

[0081] a payment determination process of determining whether to pay theprice of the target product to a seller, based on the price informationincluded in the received ordering data and purchaser ID Informationincluded in the received personal information; and

[0082] a settlement-permission information sending process of sending,in a case where it is determined at said determining step to pay theprice of the target product for the at least one purchaser, settlementpermission information representing that it is determined to pay theprice for the purchaser to the seller through a network, while the IDinformation is kept secret to the seller.

[0083] To achieve the objects, according to the fifteenth aspect of thepresent invention, there is provided is a method comprising:

[0084] an ordering-data acquiring process of acquiring, from a sellerterminal used by a seller, ordering data including price information,which represents a price of a product, and is generated and stored bythe seller terminal;

[0085] a receiving process of receiving, as a settlement-requestmessage, the ordering data and personal information including purchaserID information which has previously been given for credit sales, from apurchaser terminal used by at least one purchaser;

[0086] a determination process of comparing the ordering data receivedat said receiving process and the ordering data received at saidordering-data acquiring process, and determining whether the orderingdata received at said receiving process has been altered, before theproduct is provided to the at least one purchaser;

[0087] a payment determination process of determining whether to pay forthe product to the seller for the at least one purchaser, based on theprice information included in the ordering data and the purchaser IDinformation included in the personal information, in a case where it isdetermined that the ordering data received at said receiving process hasnot been altered at said determination process; and

[0088] a settlement-information sending process of sending thesettlement permission information representing that the payment can bemade for the at least one purchaser and the ordering data to the sellerterminal, while the personal information is kept secret from the seller,in a case where it is determined to pay the price of the product for thepurchaser at said payment determination process.

[0089] To achieve the objects, according to the sixteenth aspect of thepresent invention, there is provided is a method comprising the stepsof:

[0090] requesting a seller system to pay for a product to be purchased,using one-time deferred-payment information issued by a settlementagency system or a deferred-payment information issuer system;

[0091] requesting said settlement agency system to pay for the productbased on the one-time deferred-payment information; and

[0092] paying for the product for a purchaser of the product based ondeferred-payment information of the purchaser which corresponds to theone-time deferred payment information.

[0093] To achieve the objects, according to the seventeenth aspect ofthe present invention, there is provided is a method for realizing asettlement agency system in an electronic commerce method employing adeferred payment technique, for paying a price of at least one productto be purchased by at least one purchaser, and said method comprisingthe steps of:

[0094] receiving, from a seller system, a request for paying for the atleast one product based on one-time deferred-payment information issuedto the at least one purchaser; and

[0095] paying for the at least one product for the at least onepurchaser, based on the deferred-payment information of the at least onepurchaser corresponding to the one-time deferred-payment information.

[0096] To achieve the objects, according to the eighteenth aspect of thepresent invention, there is provided is a method of issuing one-timedeferred-payment information, and used by a deferred-payment informationissuer system in an electronic commerce, employing a deferred-paymenttechnique for paying for at least one product, and said methodcomprising the steps of:

[0097] issuing new one-time deferred-payment information to a purchaserterminal at least one purchaser, in a case where the one-timedeferred-payment information is requested using a message includingspecification information specifying the at least one purchaser from thepurchaser terminal, or in a case where a settlement agency systeminforms that the one-time deferred-payment information has been used;and

[0098] sending, to said settlement agency system, the one-timedeferred-payment information issued at said issuing step and thedeferred-payment information in association with each other.

[0099] To achieve the objects, according to the nineteenth aspect of thepresent invention, there is provided is a settlement-request method usedby a seller system in an electronic commerce method employing adeferred-payment technique for paying for at least one product for atleast one purchaser, and said settlement-request method comprising thesteps of:

[0100] receiving a request, from a purchaser terminal used by at leastone purchaser, for paying for the at least one product for the at leastone purchaser, based on one-time deferred-payment information issued tothe at least one purchaser; and

[0101] requesting a settlement agency system to pay for the at least oneproduct for the at least one purchaser, based on the one-timedeferred-payment information.

BRIEF DESCRIPTION OF THE DRAWINGS

[0102] These objects and other objects and advantages of the presentinvention will become more apparent upon reading of the followingdetailed description and the accompanying drawings in which:

[0103]FIG. 1 is a block diagram showing an electronic commerce system,including a plurality of computer which are connected with each other,according to the first embodiment of the present invention;

[0104]FIG. 2 is a functional block diagram showing a computer 10 shownin FIG. 1;

[0105]FIG. 3 is a functional block diagram showing a computer 20 shownin FIG. 1;

[0106]FIG. 4 is a functional block diagram showing a computer 30 shownin FIG. 1;

[0107]FIG. 5 is a flowchart for explaining procedures to be performed bythe computers 10, 20 and 30;

[0108]FIG. 6 is an explanatory diagram showing an example of orderingdata;

[0109]FIG. 7 is an explanatory diagram showing an example of data to besent to the computer 10;

[0110]FIG. 8 is an explanatory diagram showing a settlement permit;

[0111]FIG. 9 is an explanatory diagram showing an order-reception table;

[0112]FIG. 10 is a block diagram showing the structure of an electroniccommerce system according to the second embodiment of the presentinvention;

[0113]FIG. 11 is a block diagram showing the structure of an electroniccommerce system according to the third embodiment of the presentinvention;

[0114]FIG. 12 is a block diagram showing the structure of an electroniccommerce system according to the fourth embodiment of the presentinvention;

[0115]FIG. 13 is a block diagram showing the structure of an electroniccommerce system according to the fifth embodiment of the presentinvention;

[0116]FIG. 14 is a diagram exemplarily showing the structure of acomputer 10B shown in FIG. 11;

[0117]FIG. 15 is a flowchart for explaining procedures to be performedby computers 10A, 20 and 30;

[0118]FIG. 16 is a diagram showing a typical electronic commerce systemaccording to the first example of the seventh embodiment of the presentinvention;

[0119]FIG. 17 is a flowchart for explaining an electronic commerceprocess, which is carried out among a seller computer, a purchasercomputer, a settlement agency computer and a card-information issuingcomputer, which are included in the electronic commerce system of FIG.16;

[0120]FIG. 18 is a diagram exemplarily showing a request message forrequesting one-time credit-card information, which is created by theelectronic commerce system of FIG. 16;

[0121]FIG. 19 is a diagram exemplarily showing a one-time credit-cardinformation message which is created by the electronic commerce systemof FIG. 16;

[0122]FIG. 20 is a diagram exemplarily showing an order message which iscreated by the electronic commerce system of FIG. 16;

[0123]FIG. 21 is a diagram exemplarily showing a corresponding messagewhich is created by the electronic commerce system of FIG. 16;

[0124]FIG. 22 is a diagram exemplarily showing an examination-requestmessage which is created by the electronic commerce system of FIG. 16;

[0125]FIG. 23 is a diagram exemplarily showing a yes/no message which iscreated by the electronic commerce system of FIG. 16;

[0126]FIG. 24 is a diagram exemplarily showing an order-receptionmessage which is created by the electronic commerce system of FIG. 16;

[0127]FIG. 25 is a diagram showing a typical electronic commerce systemaccording to the second example of the seventh embodiment of the presentinvention;

[0128]FIG. 26 is a flowchart for explaining an electronic commerceprocess, which is carried out among a seller computer, a purchasercomputer, a settlement agency computer and a card-information issuingcomputer, which are included in the electronic commerce system of FIG.25;

[0129]FIG. 27 is a diagram showing a typical electronic commerce systemaccording to the third example of the seventh embodiment of the presentinvention; and

[0130]FIG. 28 is a flowchart for explaining an electronic commerceprocess, which is carried out among a seller, computer, a purchasercomputer, a settlement agency computer and a card-information issuingcomputer, which are included in the electronic commerce system of FIG.27.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS First Embodiment

[0131]FIG. 1 is a block diagram showing an electronic commerce systemaccording to the first embodiment of the present invention.

[0132] As shown in FIG. 1, this electronic commerce system comprises acomputer 10 possessed by a settlement agency, a computer 20 possessed bya seller, and a computer 30 possessed by the a purchaser, which are allconnected with each other through a network N, so that datacommunications can be realized therebetween.

[0133] The computer 10 is a processor of a company (e.g. a credit-cardcompany, etc.) that carries out a process for performing settlement forthe purchaser in e-commerce.

[0134] The computer 20 is a processor of a seller providing (selling,renting, etc.) goods or services to purchasers, etc. The computer 30 isa terminal which is used by the purchasers of the goods or services. Thenetwork N includes the Internet, etc.

[0135]FIG. 2 is a functional block diagram showing the computer 10 shownin FIG. 1.

[0136] The computer 10 operates under the control of a program.

[0137] The computer 10 comprises a communications unit 11, sending andreceiving data to and from the computers 20 and 30, a payment determiner12, a settlement-information creator 13, a determiner 14 and an adder15. Each of the payment determiner 12, the settlement-informationcreator 13, the determiner 14 and the adder 15 may include an individualcircuit, or may include a CPU (a Central Processing Unit), a memory, andthe like.

[0138] The communications unit 11 transmits/receives data with thecomputers 20 and 30 through the network N.

[0139] The payment determiner 12 has a function for determining whetherto pay a predetermined amount of money for goods or services to aseller. This determination is made, particularly upon reception ofordering data including payment information regarding a product orservices, demanded by the purchaser and provided by the seller in a formof deferred payment, and also personal information including theidentification number of a credit card which is purchaser identificationinformation given to the purchaser in advance on credit card sales.

[0140] The settlement-information creator 13 generates a settlementpermit or denying information to be described later.

[0141] The determiner 14 has a function for determining the validity ofthe received ordering data and personal information. The adder 15 has afunction for creating a message digest from data items in a shorter formthan the data items to be sent to the seller, and adding the createdmessage digest to the data items. The communications unit 11, thepayment determiner 12, the settlement-information creator 13, thedeterminer 14 and the adder 15 are connected with each other through abus B.

[0142]FIG. 3 is a functional block diagram showing the functionalstructure of the computer 20 shown in FIG. 1.

[0143] The computer 20 comprises an ordering-data creator (processor) 20a creating (generating) ordering data as will be explained in moredetail later, a sender 20 b sending ordering data to the computer 30,and a receiver 20 c receiving settlement permission information, as willbe explained in more detail later, from the computer 10. Each of theordering-data creator 20 a, the sender 20 b and the receiver 20 c may beformed by an individual circuit, or all or parts of them may be formedby a CPU, control program stored in a memory, etc.

[0144]FIG. 4 is a functional block diagram showing the functionalstructure of the computer 30 shown in FIG. 1.

[0145] The computer 30 includes a personal computer having acommunications system. The computer 30 includes a processor(settlement-request-message processor) 30 a, an input unit 30 breceiving data from an input device (keyboard, mouse, and the like) orthrough the network N, and an output unit 30 c for transmitting datathrough the network N.

[0146]FIG. 5 is a flowchart showing procedures which are performed bythe computers 10, 20 and 30. The electronic commerce system using acredit card will now be described with reference to FIG. 5.

[0147] The seller provides a Web site on the Internet N using thecomputer 20, and shows a list of products (goods on sales or services)on the Web page. The purchaser accesses the Web page. If the purchaserwants to purchase some goods or services through the Web page, he/sheinputs the type of a credit card used for deferred payment, togetherwith transaction information (for business transactions) necessary fore-commerce and representing: goods to be purchased; number of the goodsto be purchased; purchaser address; purchaser name and phone number, inaccordance with instructions on the Web page. The purchaser sends, usingthe computer 30, the input information with the transaction informationto the computer 20 of the seller. Note that such information is apurchase-request message for purchasing the desired goods or services.

[0148]FIG. 6 is an explanatory diagram showing ordering data.

[0149] The computer 20 checks information, which represents the goods tobe provided and the number of ordered goods (items) and is sent from thecomputer 30 through the Internet N, inspects the stock of the requestedgoods, and calculates the total charge of the goods to be provided.After this, the computer 20 adds total charge 46 and information 47specifying the seller itself and issued by a credit card issuer, to thetransaction information representing the goods to be purchased 41, thenumber 42 of the goods, the address 43, the purchaser name 44 and phonenumber 45, thereby creating ordering data S21. The computer 20 sendsthus created ordering data S21 to the computer 30.

[0150] Because information flows over the Internet N, it is preferredthat the ordering data S21 be transmitted in an encoded (encrypted) formso that the transmitted information can be protected from anyunauthorized access. When creating the ordering data S21, the computer20 may compute the ordering data S21 using a one-way function such as aHush function, generate a message digest 48 from the ordering data S21in a shorter form than the ordering data S21, add the created messagedigest 48 to the ordering data 21, and send the ordering data 21 withthe message digest 48 added thereto to the computer 30. The computer 20stores the message digest 48 and the ordering data S21.

[0151] Having performed such processes, the seller can be aware ofwhether the contents of the ordering data S21 have been altered(destroyed), by performing the same computation to the ordering dataS21. This can prevent someone from altering the ordering data S21 inmalice and from making bad use of the data.

[0152]FIG. 7 is an explanatory diagram showing data items to be sent tothe computer 10.

[0153] On the purchaser computer 30, the ordering data S21 received fromthe computer 20 is displayed and shown to the purchaser, so that thepurchaser can check whether the ordering data S21 conforms to whathe/she requested

[0154] In the case where the ordering data S21 conforms to the purchaserrequest, the purchaser inputs credit-card information 49, such as acredit-card number 49 a, a password 49 b and the like necessary tosettle the bill, using the computer 30, and generates data items S31including the ordering data S21 with the credit-card information 49added thereto. Then, the computer 30 sends the data items S31 to thecomputer 10 possessed by the settlement agency.

[0155] When the data items, including the ordering data S21 with themessage digest 48 attached thereto, are received from the computer 20,the computer 30 generates the data items S31 including the ordering dataS21 and the message digest 48 with the credit-card information 49attached thereto. Then, the computer 30 sends thus generated data items31 to the computer 10 as a settlement-request message.

[0156] Usually, the credit-card information 49, including personalinformation, such as the credit-card number 49 a, the password 49 b,should not be given to any persons other than the purchaser him/herselfand the settlement agency. Thus, when serving the data items S31including the credit-card information 49 on the Internet, it ispreferred that information be encoded in order to protect theinformation from any unauthorized access. On the assumption that thedata items S31 will be altered before completely received by thecomputer 10, likewise the computer 20, the computer 30 can create amessage digest 50 and add the created message digest 50 to the dataitems S31.

[0157] In the case where to add the message digest 50 to the data itemsS31, the computer 30 performs computation, using a one-way function suchas a Hush function, for the data items S31 including the ordering dataS21 in combination with the credit-card information 49 or for the dataitems S31 including the ordering data S21, the message digest 48 incombination with the credit-card information 49. Having done thiscomputation, the computer 30 can generate the message digest 50 byencoding the data items S31 in a shorter form than the data items S31.The computer 30 adds the created message digest 50 to the data itemsS31, including the ordering data S21 in combination with the credit-cardinformation 49, or to the data items S31, including the ordering dataS21, the message digest 48 in combination with the credit-cardinformation 49. The computer 30 sends the data items S31 with thecreated message digest 50 added thereto to the computer 10 in the formof an e-mail.

[0158] Upon this, the communications unit 11 of the computer 10 receivesthe data items S31 through the Internet N as a settlement-requestmessage. In the case where the computer 10 is given the data items S31with the message digest 50 added thereto, the determiner 14 receives thedata items S31 and the message digest 50 from the communications unit11, and then the payment determiner 12 receives the data items S31. Inthe case where the computer 10 receives only the data items S31 withoutthe message digest 50, only the payment determiner 12 receives the dataitems S31.

[0159] The determiner 14 obtains a computation method which isconfidential and used by the computer 30 for creating the message digest50 in advance, and computes the input data items S31 using the obtainedcomputation method. The same data as the value of the received messagedigest 50 should be obtained by computing the non-altered data items S31based on the same computation method as that used by the computer 30. Inthis case, the determiner 14 compares a resultant value of the dataitems S31 with the value of the message digest 50. In the case where theresultant value of the data items S31 differs from the value of themessage digest 50, the determiner 14 determines that the data items S31might have possibly been altered, and informs the payment determiner 12that the settlement can not effectively be made. On the contrary, in thecase where the resultant value of the data items S31 coincides with thevalue of the message digest 50, the determiner 14 informs the paymentdeterminer 12 that the settlement can effectively be made.

[0160] The above-described procedures are included in a determinationprocess Sy1 shown in FIG. 5 and carried out by the determiner 14.

[0161] In the case where the data items S31 include the message digest48, the determiner 14 obtains a computation method which is confidentialand used for creating the message digest 48 in advance, and computes theinput data items S31 using the obtained computation method, likewise thecase of the message digest 50. Then, the determiner 14 may determinewhether the ordering data items S31 have been altered.

[0162] Unless otherwise the determiner 14 instructs the paymentdeterminer 12 not to make settlement, the payment determiner 12 carriesout a payment determination process Sy2. The payment determiner 12decodes the ordering data S21 received from the computer 30 and thecredit-card information 49. Based on the decoded ordering data S21 andcredit-card information 49, the payment determiner 12 determines whetherto pay for goods or services ordered by the purchaser. A result of thisdetermination made by the payment determiner 12 is given to thesettlement-information creator 13. In the case where the paymentdeterminer 12 denies paying for the purchased goods for some reason, thepayment determiner 12 sends denying information about the denial of thepayment determiner 12 to the computer 30. The settlement-informationcreator 13 and the adder 15 execute a settlement-information sendingprocess Sy3, as will now specifically be described.

[0163]FIG. 8 is an explanatory diagram showing a settlement permit.

[0164] When the payment determiner 12 determines to pay for thepurchaser, the settlement-information creator 13 creates a settlementpermit representing about this determination, as shown in FIG. 6. Thissettlement permit includes the contents of the ordering data S21, and apermission number and expiration date of validity time which areincluded in settlement permission information 55.

[0165] In the case where the data sent from the computer 30 includes themessage digest 48, the message digest 48 should be included in thesettlement permit, so that the digest 48 can be checked by the computer20.

[0166] The adder 15 computes, using a one-way function such as a Hushfunction, data items S11, which includes the contents of the orderingdata S21, the settlement permission information 55, and a message digest48 (if included). At the same time, the adder 15 generates a messagedigest 56 from the data items S11 in a shorter form than the data itemsS11. The adder 15 adds this message digest 56 to the data items S11, andsends the data items S11 with the message digest 56 attached thereto tothe seller computer 20 through the communications unit 11 and theInternet N. At this time, the credit-card information 49 is not sent tothe computer 20, thereby eliminating the possibility of leaking thepurchaser's personal information.

[0167] The computer 20 obtains a computation method which isconfidential and used by the computer 10 for creating the message digest56 in advance, and computes the input data items S11 using the obtainedcomputation method. The same data as the value of the received messagedigest 56 should be obtained by computing the non-altered data items S11based on the same computation method as that used by the computer 10. Inthis case, the computer 20 compares a resultant value of the data itemsS11 with the value of the message digest 56. In the case where theresultant value of the data items S11 differs from the value of themessage digest 56, the computer 20 determines that the data items S11might have possibly been altered. At this time, the computer 20 sends ane-mail, etc. to the purchaser again, to instruct the purchaser to gothrough the above procedures again. On the contrary, in the case wherethe resultant value of the data items S11 coincides with the value ofthe message digest 56, the computer 20 presumes that the settlement caneffectively be performed.

[0168] In the case where the data items S11 includes the message digest48, the computer 20 computes, the ordering data S21 included in the dataitems S11, in accordance with the computation method used for creatingthe message digest 48. The computer 20 compares a resultant value ofthis computation with the value of the message digest 48.

[0169] In the case where the resultant value coincides with the value ofthe message digest 48, the computer 20 creates an order-reception tableincluding information representing the order made by the purchaser.

[0170] On the contrary, in the case where the resultant value does notcoincide with the value of the message digest 48, it can be consideredthat the ordering data S21 might have possibly been altered. In thiscase, the computer 20 determines that the settlement can not effectivelybe made, and does not create an order-reception table. The computer 20sends an e-mail to the purchaser again to instruct the purchaser to gothrough the same procedures as the above.

[0171]FIG. 9 is an explanatory diagram showing an order-reception table.

[0172] The order-reception table includes data items S22, which includesthe contents of the ordering data S21, the message digest 48, and anorder number and delivery date as order-reception information 57. Thedata items S22 are sent to the computer 30 possessed by the purchaser.At this time, the computer 20 may compute the data items S22 inaccordance with a one-way function, so that the computer 30 can checkthat the ordering data S21 or order-reception information 57 is notaltered. In addition, the computer 20 generates the message digest 58from the data items S22 in a shorter form than the data items S22. Thecomputer 20 sends the data items S22 with the created message digest 58added thereto to the computer 30 as an order-reception table. Whilesending the order-reception table, the seller goes through all thenecessary procedures for delivering the ordered goods, so that the goodsare delivered to the purchaser on the delivery date.

[0173] In the case where the message digest 58 is included in theorder-reception table received from the computer 20 through theInternet, the computer 30 possessed by the purchaser acquires thecomputation method used for creating the message digest 58 in advance.Then, the computer 30 checks whether the data items S22 have not beenaltered, based on the acquired computation method. After it is checkedthat the data items S22 have not been altered, the computer 30 informsthe purchaser of the delivery date and that the order has been received.

[0174] According to the electronic commerce system of this embodiment,the following advantages can be realized.

[0175] (1) Settlement can be made at every business transaction, beforethe ordered goods are provided to the purchaser. Hence, this reduces theinherent financial risk for the seller. Since the credit-cardinformation 49 is not given to the computer 20, it is preventable thatthe seller makes bad use of the credit card. In addition, even in thecase where the seller is bankrupted, the credit-card information is notspread out over the Internet, etc., and hence protecting the purchasersof the seller. Further, the settlement permission information of thesettlement agency is sent directly to the seller, and hence there is norisk that such information is altered by the purchaser. That is, each ofthe purchaser, the seller and the settlement agency is given onlyinformation necessary for executing its corresponding process, thusthere is almost no risk that the information is changed by someonehaving malice.

[0176] (2) Computer 20 or seller can determine for which ordering dataS21 the settlement is made. Particularly, when sending the settlementpermission information to the computer 20 in the settlement-informationsending process Sy3, the data items S11 including the settlementpermission information and the ordering data S21 are sent to thecomputer 20. By so doing, the computer 20 or the seller can understandwhich ordering data S21 has been used for settlement.

[0177] (3) Even if the ordering data S21 is altered, the computer 20 canfinally check the alteration of the ordering data S21. This can beachieved by generating the ordering data S21 sent from the computer 30to the computer 10, on the side of the computer 20.

[0178] (4) Communications contents between the computers 10, 20 and 30are less likely to be given to the third persons on the Internet. Thisis because the data communications between the computers 10, 20 and 30are done using an encryption technique.

[0179] (5) Ordering data S21 sent to the computer 30 is stored in thecomputer 20, thereby easily understanding whether the sent data isaltered.

[0180] (6) Even if the ordering data S21 having the message digest 48attached thereto is altered, the computer 20 check the alteration.Specifically, the computer 20 creates the message digest 48corresponding to the ordering data S21, and adds the created messagedigest 48 to the ordering data S21. Then, the ordering data S21 with themessage digest 48 added thereto is returned back all way through thecomputers 30 and 10, thereby successfully checking the alteration of theordering data S21. Even if the incorrect settlement is made by mistake,the seller does not have to deliver the products to the purchaser.

[0181] (7) Also computer 10 can determine whether the ordering data S21is altered. Specifically, before the execution of the paymentdetermination process Sy2, the computer 10 acquires a computation methodused for creating the message digest 48 from the computer 20. Thecomputer 10 compares the ordering data S21 with the message digest 48using the acquired computation method, thereby determining the validityof the ordering data S21 and determining whether the ordering data S21has been altered.

[0182] (8) Computer 10 can determine whether the ordering data S21 andthe credit-card information 49 have been altered. Specifically, thecomputer 30 creates the message digest 50, adds the created messagedigest 50 to the ordering data S21 and credit-card information 49, andsends them to the computer 10, thereby the computer 10 can be aware ofwhether the ordering data S21 and the credit-card information 49 havebeen altered.

[0183] (9) Credit-card information 49 is highly secured. Specifically,when sending the credit-card information 49 and the ordering data S21from the computer 30, the credit-card information 49 is encoded using anencryption method for sharing the credit-card information 49 with thecomputer 10, and hence protecting the credit-card information 49.

[0184] (10) Computer 20 can determine that the message digest 56, thesettlement permission information 55 and the ordering data S21 have notbeen altered. Specifically, the computer 10 generates the third messagedigest 56 from the data items S11 including the settlement permissioninformation 55 and the ordering data S21. Then, the computer 10 sendsthe message digest 56, the settlement permission information 55 and theordering data S21 to the computer 20. Upon reception of the data fromthe computer 10, the computer 20 can be aware of that the message digest56, the settlement permission information 55 and the ordering data S21have not been altered.

[0185] (11) Unnecessary communications, such as calling-back, etc. arenot required. The ordering data S31 and the credit-card information 49which are necessary for settlement are sent to the purchaser or thepurchaser computer 30. Hence, it is not necessary to give a call back tothe computer 30.

Second Embodiment

[0186] In the above-described first embodiment, a program for adding thecredit-card information 49 to the ordering data S21 in advance isinstalled in the computer 30 serving as a terminal to be used by thepurchaser. According to such a technique, wherein the program providedby the settlement agency beforehand is installed in the computer 30, thesettlement agency can provide each purchaser with an encryption key or akey for the message digest 50, using the installed program.

[0187] In the second embodiment of the present invention, explanationswill now be made to the case where a program, for adding the credit-cardinformation 49 to the ordering data S21, is installed every timeordering is made.

[0188]FIG. 10 is a block diagram showing the relationship among apayment agency, a seller and a purchaser, for carrying out an electroniccommerce system according to the second embodiment of the presentinvention.

[0189] A computer 10A serving as an electronic commerce device andpossessed by the settlement agency is connected to the computer 20possessed by the seller providing goods or services, through theInternet N, so that data communications can be performed therebetween.The computer 10A is connected to a computer 30A possessed by thepurchaser to be purchasing the goods or services, through the Internet,so that data communications can be performed therebetween. The computer20 and the computer 30A are also connected through the Internet N, sothat data communications can be performed therebetween as well.

[0190] Likewise the case of the first embodiment, the computer 20 has afunction for sending the ordering data S21 to the computer 30A. Thecomputer 10A has a function for sending a program P10 for adding thecredit-card information 49 to the ordering data S21, to the computer 30Ain response to a request form the computer 30A. The rest of functions ofthe computer 10A are the same as those of the computer 10 described inthe first embodiment. The computer 30A can install the program P10.

[0191] Hereinafter, explanations will now be made to an electroniccommerce system employing the computers 10A, 20 and 30A. In thisembodiment, for the sake of easy description, the same referencenumerals as those of FIGS. 2 to 9 in the first embodiment are used inthis embodiment.

[0192] The seller provides a Web site on the Internet using the computer20, and shows a list of goods or services to be sold. The purchaser, whointends to purchase goods or services using the Internet, access thecomputer 10A possessed by the payment agency using the computer 30A,every time ordering is made. Then, the computer 30A requests thecomputer 10A for the program P10 for adding the credit-card information49 to the ordering data S21, which will be needed later.

[0193] The computer 10A provides the computer 30A, having requested theprogram, with the program. This program P10 includes procedures foradding the credit-card information 49 to the ordering data S21. Inaddition to this, the program P10 may include, for high security, anencoding technique with which the computer 30A generates a messagedigest from data items including the ordering data S21, and/or anencryption technique with which the computer 30A encrypts information tobe sent to the computer 10A. In this embodiment, the encoding techniqueand the encryption technique are included in the program P10.

[0194] The purchaser who uses the computer 30A installs the programprovided from the computer 10A into the computer 30A.

[0195] The purchaser who uses the computer 30A retrieves Web pagesserved on the Internet N using the computer 30A, and accesses a Web pageof a seller which can provides the purchaser with goods or servicesthrough the Internet.

[0196] In accordance with instructions of the accessed Web page, thepurchaser inputs necessary information using a keyboard, etc. as inputmeans, likewise the case of the first embodiment. Specifically, thepurchaser inputs the type of credit card used for deferred payment ofthe bill, together with business transaction information, includingdesired goods to be purchased, number of the goods to be purchased,purchaser address, purchaser name and phone number, etc. Then, thepurchaser sends the input information to the seller computer 20. Thussent information is a purchase-request message.

[0197] The computer 20 receives the purchase-request message from thecomputer 30A through the Internet, checks information representing thegoods to be purchased and the number of the goods, checks the stock ofthe requested goods, and obtains the total amount of money to be paidfor the goods. As shown in FIG. 6, the computer 20 creates the orderingdata S21, representing the goods to be purchased 41, the number 42 ofthe goods, the address 43, the purchaser name 44, phone number 45, thecalculated amount of money (to be paid) 46 and specification information47 specifying the seller. Then, the computer 20 sends the createdordering data S21 to the computer 30A as an ordering message.

[0198] Since information flows over the Internet N, it is preferred thatthe ordering data S21 be transmitted in an encoded form so that thetransmitted information can be protected from unauthorized access. Whento create the ordering data S21, the computer 20 may compute theordering data S21 using a one-way function such as Hush function, createa message digest 48 by encoding the ordering data S21 in a shorter formthan the ordering data S21, add the created message digest 48 to theordering data 21, and send the ordering data 21 with the message digest48 added thereto to the computer 30S. The computer 20 stores the messagedigest 48 and the ordering data S21.

[0199] The computer 30A displays the ordering data S21 received from thecomputer 20 so as to show the data to the purchaser. If the orderingdata S21 coincides with the purchaser request, the purchaser inputs thecredit-card information 49 including the credit-card number 49 a andpassword 49 b, to the computer 30A using a keyboard, as shown in FIG. 7.

[0200] In accordance with the program P10 installed in the computer 30Abefore ordering is made, the computer 30A adds the credit-cardinformation 49 to the ordering data S21, and creates data items S31. Thecomputer 30 sends the created data items S31 to the computer 10A. Whilethe data items, including the ordering data S21 with the message digest48 attached thereto, are being received from the computer 20, thecomputer 30A generates the data items S31 including the ordering dataS21 and the message digest 48 with the credit-card information 49 addedthereto. Then, the computer 30A sends thus generated data items 31 tothe computer 10A as a settlement-request message.

[0201] When transmitting the data items S31 including the credit-cardinformation 49 onto the Internet, it is preferred that the informationbe encrypted so as to be protected from unauthorized access. On theassumption that the data items S31 will be altered before completelyreceived by the computer 10, likewise the computer 20, the computer 30Acan create a message digest 50 and add the created message digest 50 tothe data items S31.

[0202] In the case where to add the message digest 50 to the data itemsS31, the computer 30A performs computation, using a one-way functionsuch as a Hush function, for the data items S31 including the orderingdata S21 in combination with the credit-card information 49 or for thedata items S31 including the ordering data S21, the message digest 48 incombination with the credit-card information 49. Having done thiscomputation, the computer 30A can create the message digest 50 byencoding the data items S31 in a shorter form than the data items S31.The computer 30A adds the created message digest 50 to the data itemsS31, including the ordering data S21 in combination with the credit-cardinformation 49, or to the data items S31, including the ordering data821, the message digest 48 in combination with the credit-cardinformation 49. The computer 30A sends the data items S31 with thecreated message digest 50 added thereto to the computer 10. The computer30A encrypts this information, in accordance with the encryptiontechnique included in the program P10, and sends the encryptedinformation to the computer 10A.

[0203] Upon this, the communications unit 11 of the computer 10 receivesthe data items S31 through the Internet N as a settlement-requestmessage.

[0204] The computer 10A decodes the information received from thecomputer 30A using a decoding technique corresponding to the encryptiontechnique of the program P10. The decoded information includes the dataitems S31 and the message digest 50. The computer 10A encodes the dataitems S31 in a shorter form than the data items S31, using the sameencoding technique as that included in the program P10. In the casewhere the encoded result does not coincide with the message digest 50,the data items S31 are very likely to have been altered. Thus, thecomputer 10A determines that the request for the settlement is noteffective. On the contrary, in the case where the encoded resultcoincides with the message digest 50, the computer 10A determines thatthe request for the settlement is effective.

[0205] In the case where the data item S31 includes the message digest48, the computer 10A acquires a computation method which is confidentialand used for creating the message digest 48, in advance. Then, likewisethe case of the message digest 50, the computer 10A may determinewhether the data items S31 have been altered.

[0206] Unless otherwise it is determined that the request for settlementis not effective, the computer 10A determines whether the payment forthe ordered goods or services are made for the purchaser, based on theordering data S21 and the credit-card information 49 so as to create thesame settlement permit as that shown in FIG. 6. In the case where thecomputer 10A denies paying for the ordered goods or services for somereason, it sends denial information about the denial to the computer30A.

[0207] The settlement permit includes the contents of the ordering dataS21, and a permission number and expiration date of validity timeincludes in the settlement-permission information 55. In the case wherethe data sent from the computer 30A includes the message digest 48, themessage digest 48 is shown in the settlement permit, so that thecomputer 20 can check whether there is the digest in the sent data.

[0208] The computer 10A computes, using a function such as a Hushfunction, data items S11, including the contents of the ordering dataS21, the payment permission information 55 including the permissionnumber and the expiration date, and the message digest 48 (if included).At the same time, the computer 10A generates the message digest 56 fromthe data items S11 in a shorter form than the data items S11, adds thecreated message digest 56 to the data items S11, and sends the dataitems S11 with the message digest 56 added thereto to the computer 20.At this time, the credit-card information 49 is not given to thecomputer 20, and hence the personal information of the purchaser isprotected.

[0209] Upon reception of the data items S11 and the message digest 56,the computer 20 carries out the same procedures as those done by thecomputer 20 described in the first embodiment.

[0210] Accordingly, using the electronic commerce system of thisembodiment, the program P10 is given and installed into the computer 30Afrom the computer 10A, every time the order or settlement is made. Ifthe encoding technique or encryption technique for creating the messagedigest 50 is incorporated into the program P10, it is not necessary totake the trouble to acquire the encoding technique or encryptiontechnique. In addition, the encoding technique or encryption techniquecan be changed for each order. Therefore, the settlement can be achievedmore securely in accordance with the electronic commerce systemaccording to the second embodiment, than the case of the firstembodiment.

Third Embodiment

[0211] In the second embodiment, to add the credit-card information 49to the ordering data S21 sent from the computer 20, the program P10 issent from the computer 30 a from the computer 10A and installed into thecomputer 30A.

[0212] In this embodiment, explanations will now be made to anelectronic commerce system for adding the credit-card information 49 tothe ordering data S21 using an IC card.

[0213]FIG. 11 is a block diagram showing the relationship among asettlement agency, a seller and a purchaser, for carrying out anelectronic commerce according to the third embodiment of the presentinvention.

[0214] The computer 10 and the computer 20 are the same as thosedescribed in the first embodiment, and are connected with each otherthrough the Internet N, so that data communications can be performedtherebetween. The computers 10 and 20 may be connected using a privateline, public line, etc.

[0215] The computer 10 is connected to a computer 30B, serving as apurchaser terminal used by the purchaser of goods or services, throughthe Internet N, so that data communications can be performedtherebetween. The computers 20 and 30B are connected with each otherthrough the Internet N, so that data communications can be performedtherebetween also. The computers 10 and 30B may be connected via aprivate line or public line. The computers 20 and 30B may also beconnected with each other through a private line or public line. Anon-illustrative reader/writer, for reading information on an IC cardCRD1, is installed or incorporated in the computer 30B.

[0216] The program P10 for adding the credit-card information 49 iswritten on the IC card CRD1 by the settlement agency, and the IC cardCRD1 is distributed to purchasers beforehand. Likewise the secondembodiment, this program P10 may include procedures for the computer 30Bto add the credit-card information 49 to the ordering data S21. Inaddition, this program P10 may include an encoding technique for thecomputer 30B to generate a message digest from the data items includingthe ordering data S21 and/or an encryption technique for the computer30B to encrypt information to be sent to the computer 10. Such anencoding technique and/or an encryption technique are prepared for highsecurity sake, and are incorporated in the program P10 in thisembodiment.

[0217] In the electronic commerce system using the computers 10, 20 and30 b, the IC card CRD1 is given to the purchaser in advance.

[0218] The purchaser sets the IC card CRD1 to the reader/writer of thecomputer 30B, and the program P10 is given and installed to and in thecomputer 30B.

[0219] In accordance with the program P10, the computer 30B having theprogram P10 installed therein adds the credit-card information 49 to theordering data S21 sent from the computer 20, so as to create data itemsS31. The computer 30B encode the data items S31 using the encodingtechnique included in the program P10, so as to create the messagedigest 50. In this case, the data items S31 may include the orderingdata S21 and the credit-card information 49, with or without the messagedigest 48.

[0220] Subsequently, the computer 30B encrypts the information,including the message digest 50 in combination with the data items S31,using the encryption technique included in the program P10, and sendsthe encrypted information to the computer 10.

[0221] The procedures which are executed by the computers 10 and 20 arethe same as those described in the first and second embodiments, andwill not specifically be described in this embodiment.

[0222] In the third embodiment, the reader/writer is installed orincluded in the computer 30B, and the program P10 is provided from theIC card CRD 1 to the computer 30B. Thus, unlike the second embodiment,it is not necessary to send the program P10 from the computer 10A to thecomputer 30B. In this structure, it is unlikely that the purchaser willimproperly install the program P10 in the computer 30B. In addition, theencoding technique or encryption technique are included in the programP10, thereby realizing a high level of security.

Fourth Embodiment

[0223] In the above-described third embodiment, the credit-cardinformation 49, including the credit card number 49 a and password 49 b,is input into the computer 30 using a keyboard as input means. In thisembodiment, explanations will be made to another input means forinputting the credit-card information 49 into the computer 30 describedin the first embodiment.

[0224] In place of the sender 20 b, recording means for writing data ona recording medium is prepared in the computer 20 of FIG. 3, so that thesettlement agency can write personal information on the recording mediumand provide the purchaser with the recording medium with the informationwritten thereon. The recording medium may be a magnetic card, a magneticdisk, a compact disk or the like. According to this method, therecording medium is set in the recorder of the computer 30, therebyinputting the personal information into the computer 30. Further, thepersonal information input into the computer 30 is included in thesettlement-request message.

[0225] In the case where a reader/writer for inputting information froman IC card in the computer 30, personal information may be written ontoan IC card, and the IC card with the personal information writtenthereon is provided to the purchaser. According to this method, the ICcard is set into the reader of the computer 30, thereby encrypting thepersonal information and input into the computer 30. According to thisstructure wherein the encrypted personal information is input into thecomputer 30, the personal information can highly be protected fromauthorized access. Then, the personal information input into thecomputer 30 is reliably included into the settlement-request message.

[0226] In the case where the personal information is input from therecording medium or IC card, it is necessary to check whether the userhaving input the personal information is one who possesses the recordingmedium or IC card. That is, in the above case, it is necessary toperform a user authentication process.

[0227] Upon reception of the settlement-request message from thecomputer 30, the computer 10 provides the purchaser with the receivedmessage through the computer 30, and instructs the purchaser to input apassword, etc. using a keyboard. The password is sent from the purchaserfrom the computer 30, thereby executing the user authentication process.In the case where the transmitted password is proper, it is determinedwhether the settlement can be performed for the purchaser. In the casewhere the transmitted password is not proper, it is determined that thepayment for the goods or services corresponding to the ordering data S21can not be performed for the purchaser.

[0228] If the computer 30 includes inputting means for obtaining imagesof fingerprints or pupils, for example, the images of fingerprints orpupils may be input to the computer using the inputting means. Thefingerprints or pupils can be body information for identifying people.The computer 10 can perform user authentication, using the fingerprintsor pupils received from the computer 30.

[0229] As described above, according to the fourth embodiment of thepresent invention, the personal information written on the recordingmedium or IC card is input into the computer 30. In the case where thepersonal information is input through the keyboard, only a small amountof personal information can be input, because the inputting error maysometimes occur. However, in the case where the personal information isinput from the recording medium or IC card, a large amount of personalinformation can be input, and reliable electronic commerce can berealized.

Fifth Embodiment

[0230]FIG. 12 is a block diagram showing the relationship among asettlement agency, a seller and a purchaser, for carrying out anelectronic commerce system according to the fifth embodiment of thepresent invention.

[0231] In the above-described first to fourth embodiments, theexplanations have been made to the case where the computers 30, 30A and30B which are used by the purchaser are his/her possessions and are keptaway from the seller computer 20. However, the terminal used by thepurchaser may be installed in the seller's store or office, etc. In thiscase. an unspecified number of the general purchasers can share theterminal. In FIG. 12, a computer 30D to be used by the purchaser isinstalled in a store, etc. of the seller.

[0232] The computer 30D is connected to the computer 10 used by thesettlement agency, through a private line, etc. The computer 20 used bythe seller is connected to the computer 10 through a private line. Thecomputer 10 is the same as that described in the first embodiment. Thecomputer 20 is the same as that described in the first embodiment, andadditionally includes a non-illustrative writing unit for writing dataon a recording medium, as will be described in more detail later. Thecomputer 30D has a non-illustrative reader for reading data from therecording medium.

[0233] If the purchaser wants to get goods or services from the seller'sstore, he/she informs the seller of the kind of his/her credit card fordeferred payment, together with required information items representingthe target goods, the number of the goods, the purchaser address, nameand phone number, etc. After this, the seller inputs the inputinformation into the computer.

[0234] Of the input information items, the information itemsrepresenting the target goods to be purchased and the number of thegoods to be purchased are checked by the computer 20. After this, thecomputer 20 checks the stock of the goods, and calculates the price ofthe goods in total. Likewise the first embodiment, the computer 20creates ordering data S21 by adding the price 46 and information 47specifying the seller itself and issued from a credit-card issuer, tothe required information, representing the goods to be purchased 41, thenumber 42 of the goods to be purchased, the purchaser address 43, thepurchaser name 44 and phone number 45. Then, the computer 20 records thecreated ordering data S21 on the recording medium 22 as an orderingmessage. The recording medium 22 may be a floppy disk on whichinformation is generally recorded by a computer, a magnetic card, an ICcard, etc. The recording medium 22 on which the ordering data S21 iswritten is provided to the purchaser.

[0235] When creating (computing) the ordering data S21, the computer 20may use a one-way function such as a Hush function, for example, createthe message digest 48 by encoding the ordering data S21 in a shorterform than the ordering data S21, add the created message digest 48 tothe ordering data S21, and write the ordering data S21 with the messagedigest 48 added thereto onto the recording medium 22.

[0236] According to these procedures, the seller can know whether thecontents of the ordering data S21 has been altered afterwards, byperforming the same computation for corresponding ordering data S21.Therefore, it is preventable that data is used or altered by anyunauthorized access in malice.

[0237] The purchaser controls the computer 30D to read the ordering dataS21 written on the recording medium 22 and to input, into the computer30D, the credit-card information 49 including the personal information49 a or password 49 b. The computer 30D having read the ordering dataS21 operates in the same manner as that of the computer 30 described inthe first embodiment, adds the credit-card information 49 to theordering data S21, and provides the computer 10 with the ordering dataS21 with the credit-card information 49 added thereto.

[0238] When to input the credit-card information 49 into the computer30D, there can be employed an IC card for encrypting and reading thecredit-card information 49. In this case, the personal information ofthe purchaser can remarkably be prevented from being given to the thirdparties, even in the case where the computer 30D itself is a targetcomputer which sends/receives information to be wiretapped. The personalinformation input into the computer 30D is included in thesettlement-request message.

[0239] The computer 10 operates in the same manner as that described inthe first embodiment, and provides the computer 30D with the settlementpermission information, while the credit-card information 49 is notgiven to the computer 30D. Then, in this structure, the electroniccommerce can be realized.

[0240] As described above, according to the electronic commerce systemaccording to the fifth embodiment of the present invention, the computer30D is installed in a store. Hence, an unspecified number of the generalpurchasers can share the computer 30D. Further, the ordering data S21 isprovided from the recording medium to the computer 30D, so that theordering data S21 can not be wiretapped by the third parties.

Sixth Embodiment

[0241]FIG. 13 is a block diagram showing the relationship among asettlement agency, a seller and a purchaser, for carrying out anelectronic commerce system according to the sixth embodiment of thepresent invention.

[0242] In this embodiment, the ordering data S21 created by the computer20 is provided from the computer 20 to a computer 10B. The computer 10Bcompares the provided ordering data S21 with ordering data S21 providedthrough the computer 30, thereby determining whether the providedordering data S21 has been altered.

[0243]FIG. 14 is a diagram exemplarily showing the structure of thecomputer 10B shown in FIG. 13.

[0244] The computer 10B operates under the control of a program, andincludes the communications unit 11, the payment determiner 12, thesettlement-information creator 13, the determiner 14 and the adder 15which are included in the computer 10 of the first embodiment.Additionally, the computer 10B includes a specifying-informationprovider 16 and a decision maker 17.

[0245] When the ordering data S21 is provided from the computer 20, thespecifying-information provider 16 creates specifying informationspecifying a unique combination of the ordering data S21 and its relatedseller, and sends the created specifying information to the computer 20.The decision maker 17 compares the ordering data S21 provided from thecomputer 20 with the ordering data S21 provided from the computer 30.Then, the decision maker 17 determines whether the ordering data S21from the computer 30 has been altered.

[0246]FIG. 15 is a flowchart for explaining procedures which areperformed by the computers 10A, 20 and 30. Explanations will now be madeto an electronic commerce system employing a credit card, with referenceto FIG. 15.

[0247] The seller sets a Web page on the Internet N using the computer20, and shows a list of goods or services to be provided. The purchaseraccesses the Web site. In the case where the purchaser wants to purchasesome goods or services through the Web site, the purchaser operates thecomputer 30 to input information regarding his/her credit card fordeferred payment, together with required information representing thegoods to be purchased, the number of the goods, the purchaser address,the purchaser name and the purchaser's phone number, in accordance withinstructions shown on the Web site. Then, the computer 30 sends theinput information to the computer 20. This sent message is apurchase-request message.

[0248] The computer 20 checks the information representing the goods tobe purchased and the number of the goods, which is sent from thecomputer 30, checks the stock of the goods, and calculates the price ofthe goods in total. After this, the computer 20 creates the orderingdata S21, by adding the calculated price 46 and information 47specifying the seller itself and specified by a credit-card issuer, tothe required information representing the goods 41 to be purchased, thenumber 42, the purchaser address 43, the purchaser name 44 and thepurchaser phone number 45, etc. Then, the computer 20 sends the createdordering data S21 to the computer 10.

[0249] The decision maker 17 receives the ordering data S21 from thecomputer 20. The specifying-information provider 16 creates specifyinginformation for specifying a unique combination of the ordering data S21and its corresponding seller, and sends the created specifyinginformation to the computer 20 through the communications unit 11, andhence facilitating managing of the settlement.

[0250] Upon reception of the specifying information from the computer10, the computer 20 replaces the information 47 specifying the sellerand included in the ordering data S21, with the specifying informationprovided from the computer 10. Then, the computer 20 sends the replacedordering data S21 to the computer 30.

[0251] Since information flows over the Internet, it is preferred thatthe ordering data S21 be encrypted and flow, so that the ordering dataS21 can be protected from unauthorized access.

[0252] Likewise the first embodiment, the computer 30 shows orderingdata S21 provided from the computer 20, to the purchaser. Then, thepurchaser can determine whether the ordering data S21 corresponds tohis/her request. In the case where it is determined that the orderingdata S21 corresponds to the purchaser request, the purchaser inputs thecredit-card information 49 including the credit-card number 49 a andpassword 49 b, as personal information, trough the computer 30, therebycreating the data items S31 including the ordering data S21 with thecredit-cart information 49 added thereto. Then, the computer 30 sendsthus created data items S31 as a settlement-request message to thecomputer. At this time, it is preferred that the information items to besent are encrypted so as to be protected from being spread over theInternet, etc.

[0253] The computer 30 generates the message digest 50 from the dataitems S31 in a shorter form than the data items S31, by computing thedata items S31 including the ordering data S21 and the credit-cardinformation 49 using a one-way function such as a Hush function. Then,the computer 30 adds the generated message digest 50 to the data itemsS31 to the computer 10 of the settlement agency.

[0254] The data items S31 are received by the communications unit 11 ofthe computer 10. Then, the decision maker 17 receives the ordering dataS21 included in the sent data items S31. The decision maker 17 comparesthe ordering data S21 sent from the computer 20 with the ordering dataS21 included in the data items S31, to determine whether the orderingdata S21 included in the data items S31 have been altered, and informsthe payment determiner 12 of the comparison result.

[0255] The payment determiner 12 receives the data items S31.

[0256] In the case where it is determined that the ordering data S21have not been altered, the payment determiner 12 caries out the paymentdetermination process Sy2. In the payment determination process Sy2, thepayment determiner 12 determines whether to pay for the goods orservices ordered by the purchaser, based on the credit-card information49 and ordering data S21 received from the computer 30.

[0257] The result of the payment determination process Sy2 is sent tothe settlement-information creator 13. In the case where it is denied tomake the payment for some reason, the payment determiner 12 sendsdenying information representing the denial of payment to the computer30. The settlement-information creator 13 and the adder 15 carry out thesame settlement-information sending process Sy3 as that described in thefirst embodiment, and create data items S11 , including the contents ofthe ordering data S21 and settlement permission information 55 havingthe permission number and expiration date of validity time. After this,the settlement-information creator 13 and the adder 15 send the createddata items S11 to the computer 20, while the credit-cart information 49is kept secret from the seller.

[0258] Accordingly, the electronic commerce can be realized withoutinforming the seller of the credit-card information 49.

[0259] According to the electronic commerce system of this embodiment,the computer 10B compares the ordering data sent from the computer 20with the ordering data sent form the computer 30, in order to detectwhether the target ordering data has been altered, and hence improvingthe reliability of the settlement of the charge. The specifyinginformation specifying a corresponding seller is created and sent to thecomputer 20, and hence facilitating the management of the electroniccommerce. The sending of the ordering data S21 to the computer 10results in requesting the specifying information. Even in the aboveelectronic commerce system, extra data communications are not necessary.

[0260] The present invention is not limited to the above, and variouschanges or modifications can be made without departing from the broadspirit and scope of the invention. The followings are the modificationsof the present invention.

[0261] (a) In the above embodiments, the computer 20 provides a Web siteon the Internet N, and the purchaser accesses the Web page through thecomputer 30. However, the purchaser can order some goods to be purchasedthrough an e-mail without accessing the Web page.

[0262] (b) In the above embodiments, the message digests 48, 50, 56 and58 which have highly been encoded using a one-way function such as aHush function are employed in order to check whether target data hasbeen altered. However, if there is any technique for forming the data ina shorter form than its original form, the technique may be employed.

[0263] (c) The present invention can be adapted not only to the deferredpayment using the credit card, but also an electronic commerce system ofsettling the charge using a credit card or debit card, etc.

[0264] (d) The computers 10 and 20 may be connected with each otherthrough a private line. The computers 10 and 30 may also be connectedwith each other through a private line. According to this structurewherein the computers 10, 20 and 30 are connected with each otherthrough a private line, the communication data to be transmittedtherebetween can highly be protected from being wiretapped.

[0265] (e) In the second embodiment, the computer 10A provides thecomputer 30A with the program P10, and the program P10 is installed inthe computer 30A. However, the computer 20 may provides the computer 30Awith the program P10, and the program P10 may be installed in thecomputer 30A. Even in this case, the encoding technique for creating themessage digest 50 and/or the encrypting technique for encrypting theinformation to be sent to the computer 10A may be included in theprovided program P10. In this case, it is not necessary that thecomputer 30A acquire the encoding technique and encrypting techniquefrom the computer 20, while keeping the techniques not available to thethird party. Further, different encoding techniques and encryptingtechniques can be used by different purchasers, and hence realizingreliable electronic commerce system.

[0266] (f) In the above-described first to sixth embodiments, theordering data S21 has been treated by the computer 20. However, as longas the reliability of the ordering data S21 can be ensured, the orderingdata S21 can be created by the computer 30.

Seventh Embodiment

[0267] Explanations will now be made to an electronic commerce systemaccording to the seventh embodiment of the present invention, referringto three different examples of the structure of the system.

First Example of Seventh Embodiment

[0268]FIG. 16 is a diagram showing the typical electronic commercesystem according to the first example of the seventh embodiment. Asshown in FIG. 16, the electronic commerce system of the first example ofthe seventh embodiment further includes a card-information issuingcomputer 40, in addition to the structure shown in FIG. 1. The computer10 possessed by the settlement agency is connected to thecard-information issuing computer 40 and the computer 20, throughrelatively a secure line (hereinafter referred to as a secure line),such as a private line, a public line, etc., instead of the Internet N.

[0269] The card-information issuing computer 40 is possessed by a cardissuer which may or may not be the settlement agency. Each of thecomputer 20, the settlement agency 10 and the card-information issuingcomputer 40 may include simply a single computer or a plurality ofcomputers.

[0270] The computer 40 may have a structure substantially equal to thatshown in FIG. 4. In this case, the processor 30 a receives data from thepurchaser computer 30 through the input unit 30 b, performs necessaryprocess for issuing one-time-credit-card information, and send data tothe purchaser computer 30 and settlement-agency computer 10 through theoutput unit 30 c.

[0271] The computer 30 sends a request message, for requesting thecard-information issuing computer 40 to issue credit-card information(one-time (discardable) information regarding the deferred payment), tothe card-information issuing computer 40 through the Internet N (StepS110). In response to this request, the card-information issuingcomputer 40 sends a one-time-information message including the one-timecredit-card information to the computer 30 through the Internet (Step SI20). The card-information issuing computer 40 sends associationinformation for setting the one-time credit-card information sent to thecomputer 30 in association with the actual credit-card information, tothe computer 10 through a secure line (Step S125).

[0272] The computer 30 sends an ordering message, including an ordertable and one-time credit-card information sent form thecard-information issuing computer 40, to the computer 20 through theInternet (Step S130). The computer 20 sends an examination request,including the one-time credit-card information sent from the computer 30and the order table, to the settlement agency 10 through a secure line,so as to ask for settlement (Step S140).

[0273] The computer 10 receive the actual credit-card information fromthe one-time credit-card information sent from the computer 20. Then,the computer 10 determines whether payment can be made for the goodsordered by the purchaser, based on the credit-card information and theorder table. The computer 10 sends a result of this determination(yes/no message) to the computer 20 through a secure line (Step S150).Upon reception of the determination result from the computer 10, thecomputer 20 sends the received determination result to the computer 30(sends an order-reception message or an “unsuccess” message) to thecomputer 30 through the Internet. In the case of the order-receptionmessage, i.e. it is determined that the payment can be made, thecomputer 20 carries out a delivery process for delivering the orderedgoods.

[0274] In the above structure, the seller may include a seller handlingprivate business.

[0275] Operations of the first example of the seventh embodiment willnow specifically be described with reference to FIG. 17.

[0276] The purchaser inputs information, such as his/her credit-cardinformation, for specifying him/herself, using the computer 30, andcreates a request message for requesting one-time credit-cardinformation, including the input information (Step B11). The computer 30sends the created request message to the computer 40 through theInternet N (B12 to I11). Note that the request message for requestingone-time credit-card information includes credit-card information (acredit card number, a password and expiration date of validity time ifnecessary) requested by the computer 40.

[0277] The computer 40 examines the information specifying the purchaserand sent from the computer 30. In the case where the specifyinginformation represents a proper purchaser, the computer 40 generatesone-time credit-card information. Further, the computer 40 creates acredit-card information message including the generated one-timecredit-card information (Step I12). The computer 40 sends thiscredit-card information message to the computer 30 (Step I13). Further,the computer 40 creates corresponding data, representing the credit-cardinformation of the purchaser and the one-time credit-card information inassociation with each other, and creates a corresponding message (StepI14). The computer 40 sends the created corresponding message to thecomputer 10 through a secure line (Step I15).

[0278] Upon reception of the corresponding message from the computer 40,the computer 10 registers the corresponding message in a table(hereinafter referred to as a corresponding table), so that the one-timecredit-card information corresponds to the credit-card information(hereinafter referred to as actual credit-card information) of thepurchaser (Step P12). This correspondence table is created in the formof a file or database, etc. In the case where the correspondence tableis created in the form of a relational database, the correspondencebetween the one-time credit-card information and the actual credit-cardinformation can be realized by storing the actual credit-cardinformation and the credit-card information in the same record.

[0279] The computer 30 creates an order message by gathering informationrepresenting the goods ordered by the purchaser, the number of the goodsto be purchased and information (order table) requested by the seller,in addition to the one-time credit-card information sent form thecomputer 40 (Step B14). Then, the computer 30 sends the created ordermessage to the computer 20 through the Internet (Step B15).

[0280] The computer 20 receives this order message from the computer 30(Step M11). The computer 20 creates an examination-request messageincluding the one-time credit card information and any other informationrequested by the credit card company for examining the purchaser, basedon the contents of the order table included in the order message (StepM12). The computer 20 sends the created examination-request message tothe computer 10 through a secure line (Step M13).

[0281] The computer 10 searches the correspondence table updated in thestep P12, based on the one-time credit-card information included in thesent examination-request message. Then, the computer 10 acquires theactual credit-card information corresponding to the received one-timecredit-card information. The determination as to whether the purchaseris a proper purchaser can be done using the actual credit-cardinformation and other information sent from the computer 20. Further,the computer 10 creates a message (hereinafter referred to as an yes/nomessage) representing whether the payment can be made for the purchaser,and discards the corresponding data of the one-time credit-cardinformation and the actual credit-card information. In this case, theone-time credit-card information is discarded (Step P14). After this,the computer 10 sends this yes/no message to the computer 20 through asecure line (Step P15).

[0282] The computer 20 receives a yes/no message representing whetherthe payment can be made for the purchaser (Step M14). The computer 20creates a message (an order-reception message or an “unsuccess” message)based on the determination result sent from the computer 10 (Step M15).In the case where it is examined that the payment can be made for thepurchaser, the computer 20 informs the computer 30 that the order hassuccessfully been received, through the Internet N, and ends anorder-reception message for informing the computer 30 about the ordercontents (Step M16-B16). Then, the computer 20 carries out a deliveryprocess for actually delivering the ordered goods (M17, M18-B17).

[0283] On the contrary, in the case where it is determined that thepayment can not be made for the purchaser, the computer 20 informs thecomputer 30 of that (M16-B16).

[0284] In this example, the credit card is employed. However, thepresent invention can be adapted to any other deferred payment method,employing a cash card, a debit card, etc.

[0285] In the operations shown in FIG. 17, when sending informationthrough the Internet, it is preferred that information be encrypted andflow over the Internet, so that the information should be protected fromunauthorized access.

[0286] Further, when the computer 40 generates the one-timecredit-credit card information in the step I12, it creates randominformation using a random number(s), so that the third party can notsee the order in which the credit-card information is created. In thiscase, the random number(s) should not be the same as the currently-usedone-time information.

[0287] In the above structure, the computers 10 and 40 are separatelyprepared. However, the computers 10 and 40 may be realized on the samecomputer.

[0288] Each of above-described messages will now be described in detailwith reference to the accompanying drawings.

Request Message for Requesting One-time Credit-Card Information

[0289] In the step B11 of FIG. 17, the request message, for requestingthe one-time credit-card information and which is created by thecomputer 30 includes both: information representing- the requester(purchaser) who requests the one-time credit-card information; andrequested-credit-card information representing the contents of theone-time credit-card information, as shown in FIG. 18.

[0290] According to this structure, the information representing thepurchaser includes: the purchaser name; the actual credit-card number;the expiration date of validity time of the actual credit card; and thepassword of the actual credit card, as shown in FIG. 18. Therequested-credit-card information includes: the expiration date ofvalidity time of the requested one-time credit card; and its password.It is desired that such information regarding the purchaser beencrypted, so that the third party can not understand the information.

[0291] According to the above structure, the computer 40 checks thevalidity of the purchaser information and actual credit-card informationof the purchaser, thereafter enabling to create new one-time credit-cardinformation.

One-time Credit-Card Information Message

[0292] The one-time credit-card information message, created at the stepI12 shown in FIG. 17, includes the one-time credit-card informationgenerated by the card-information issuing computer 40, as shown in FIG.19. Note that the one-time credit-card information message does notpreferably include the requester information, which is included in therequest message for the one-time credit-card information, because it isnecessary to do so. This is because the requester information includesinformation representing the credit-card number, etc., it had better notbe on the Internet. Further, for the security sake, the one-timecredit-card information is preferably encrypted, so that it can not beunderstood by the third party.

Order Message

[0293] The order message created at the step B14 shown in FIG. 17includes, as shown in FIG. 20, an order table including the orderingcontents input by the purchaser and the one-time credit-cardinformation. The computer 30 preferably obtains a message digest (anorder-table message digest: highly encrypted checksum) by computing theorder table using a one-way function, when creating the order message.The computer 30 preferably sets the obtained message digest to beincluded in the order message, and stores the obtained message digesttherein. By so doing, the determination as to whether the informationhas been altered can be made by performing the same computation withrespect to the same order table. This can prevent the data from beingaltered by someone having malice and from being used for bad purposes.It is preferred that the message digest be calculated after thepurchaser inputs an instruction for sending the order message, and beadded to the order message. Further, the one-time credit-cardinformation is preferably encrypted.

Corresponding Message

[0294] The corresponding message created in the step I14 shown in FIG.17 includes the actual credit-card information and the one-timecredit-card information, as shown in FIG. 21. This corresponding messageis sent to the computer 10. Upon reception of the corresponding message,the computer 10 stores the received corresponding message in thecorresponding table.

Examination-Request Message

[0295] The examination-request message created at the step M12 shown inFIG. 17 includes the order table, the order-table message digest, andthe one-time credit-card information, as shown in FIG. 22. In this case,it is preferred that the order-table message digest sent from thecomputer 30 be used as is. This is because it is not necessary that thecomputer 20 obtain a new order-table message digest.

Yes/No Message

[0296] The yes/no message created at the step P15 of FIG. 17 includesthe order table, the order-table message digest and yes/no information.In this case, it is necessary that the computer 10 include the samemessage-digest calculator as that included in the computer 30. This isbecause the matching of the order table and the order-table messagedigest needs to be checked. In addition, the message digest regardingthe order table sent to the settlement agency needs to be attached tothe yes/no message. Hence, the settlement computer 10 creates the yes/nomessage which includes the newly-calculated order-table message digest,the order table and the yes/no information therein.

Order-reception Message

[0297] An order-reception message is to be created by the computer 20,in the case where the yes/no information of the yes/no messagerepresents that the settlement can be made for the purchaser. Theorder-reception message includes the order table, the order-table digestand order-reception data. In this case, the order-table message digestsent from the computer 10 needs to be used as is. This is because in thecomputer 10B having received the order-reception message determineswhether the order table has been altered somewhere on the way oftransmission. The order-reception information includes theorder-reception number given by the seller (the seller computer 20) andthe delivery date of the ordered goods.

Second Example of Seventh Embodiment

[0298] The second example of the seventh embodiment will now Ispecifically be described with reference to the accompanying drawings.FIG. 25 is a diagram showing a typical electronic commerce systemaccording to the second example of the seventh embodiment of the presentinvention.

[0299] As shown in FIG. 25, the computer 30, the computer 20 andcomputer 40 are connected with each other through the Internet N.Independently from the Internet N, the computer 10 is connected to thecomputers 40 and 20, through relatively a secure line, such as a privateline, a public-telephone line, etc.

[0300] In this structure, the computer 30 sends the order table and theone-time credit-card information sent form the computer 40 in advance,to the computer 20 through the Internet N, in the step S110. Thecomputer 20 sends the sent one-time credit-card information and theorder table sent from the computer 30 to the computer 10 through asecure line, in the step S120. Then, the computer 20 requests thecomputer 10 to make the payment for the purchaser. The computer 10 canknow the actual credit-card information based on the one-timecredit-card information sent from the computer 20, and determineswhether to make the payment for the purchaser based on the actualcredit-card information and the order table. Then, the computer 10 sendsinformation representing the determination result to the computer 20through a secure line, in the step S130. The computer 10 informs thecomputer 40 that the one-time credit-card information has been usedthrough a secure line, in the step S140. The computer 40 creates newone-time credit-card information, sends the created information to thecomputer 30 through the Internet in the step S150. At the same time, thecomputer 40 sends corresponding data of the newly-created one-timecredit-card information and the actual credit-card information to thecomputer 10 through a secure line in the step S155. Upon this, thecomputer 20 informs the computer 30 whether the payment can be made forthe purchaser in the step S160. In the case where the payment can bemade for the purchaser, the delivery process for delivering the orderedgoods is carried out.

[0301] Operations of the second example of the seventh embodiment willnow be described with reference to the accompanying drawings. In thisexample, note that the purchaser holds a one-time credit-cardinformation in advance. This is because the settlement agency providesthe purchaser with a new one-time-credit card every time the one-timecredit-card is used. The one-time credit-card information for the firstuse is given from the settlement agency, upon signing in a credit-cardapplication form or upon reception of a request for the information.

[0302] With reference to FIG. 26, the purchaser creates an order messageby gathering the one-time credit-card information sent in advance fromthe computer 40, the specified goods to be purchased, the number of thegoods, and any other information requested by the seller, using thecomputer 30 (Step B21). Then, the computer 30 sends the created ordermessage to the computer 20 through the Internet (Step SB22).

[0303] The computer 20 receives the order table from the computer 30(Step M21). The computer 20 creates an examination-request message basedon the information included in the order table (Step M22), and sends thecreated determination-request message to the computer 10 through asecure line (Step M23).

[0304] The computer 10 receives the one-time credit-card informationfrom the computer 20 (Step P21). Then, the computer 10 searches thecorresponding data, sent from the computer 40 in advance, forcorresponding actual credit-card information. After this, the computer10 determines whether to give credit for payment to be made at maximum,based on the actual credit-card information and other information sentfrom the compute 20. Subsequently, the computer 10 examines whether tomake payment for the purchaser, creates a message (yes/no message)including this payment determination (Step P22), and sends the createdmessage to the computer 20 through a secure line (Step P23).

[0305] After this, the computer 10 creates a message (ausage-information message) for informing the computer 40 that theone-time credit-card information has been used (Step P24). The computer10 sends thus created usage-information message to the computer 40through a secure line (Step P25-I21), and discards the correspondingdata of the used one-time credit-card information and the actualcredit-card information from the corresponding table (Step P24).

[0306] Instead of using the one-time credit-card information sent fromthe computer 10 again, the computer 40 creates new one-time credit-cardinformation (Step I22), and sends the created new one-time credit-cardinformation to the computer 30 (Step I23-B24). At the same time, thecomputer 40 creates the corresponding data of the actual credit-cardinformation and the one-time credit-card information, so as to generatea corresponding message (Step 124), and sends the created correspondingmessage to the computer 10 through a secure line (Step I25-P26).

[0307] The computer 20 creates a message (an order-reception message ora message for informing the computer 30 that the payment can not be madefor the purchaser), corresponding to the examination result (regardingthe credit transmission) sent form the computer 10. At this time, in thecase where the payment can be made for the purchaser, the computer 20creates an order-reception message representing the order hassuccessfully been made (Step M25). Subsequently, the computer 20 sendsthe created order-reception message to the computer 30 through theInternet (Step M26-B23), and carries out a delivery process for actuallycarrying out the ordered goods (M27, M28-B25).

[0308] On the contrary, in the case where the payment can not be madefor the purchaser, the computer 20 informs the computer 30 that thepayment can not be made, through the Internet N 8M26-B23).

[0309] In the above example, the credit card is employed. However, thesecond example of the seventh embodiment can be adapted to any otherdeferred payment method, using a cash card, a debit card, etc.

[0310] As shown in FIG. 26, in the case where information is transmittedthrough the Internet, it is preferred that information be encrypted andflow over the Internet.

[0311] In the case where the computer 40 generates the one-timecredit-card information at the step I122, the computer 40 generatesrandom information using one or more random numbers, so that the thirdparty can not understand in which order the credit-card information hasbeen generated. In this case, the random number can not be the same asthe currently-used one-time information.

[0312] Furthermore, according to the above structure, the computers 10and 40 are separately prepared. However, the computers 10 and 40 may berealized on the same computer.

[0313] In the second example of the seventh embodiment, each of theorder message, the examination-request message, the yes/no message, theorder-reception message and the corresponding message has the samestructure as that described in the first example of the seventhembodiment of the present invention. In this example, theusage-information message includes the used one-time-credit-cardinformation. In this structure, a new one-time credit-card informationmessage includes one-time credit-card information which has newly beenattached by the computer 40.

Third Example of Seventh Embodiment

[0314] The third example of the seventh embodiment of the presentinvention will now specifically be explained with reference to theaccompanying drawings. FIG. 27 is a diagram showing a typical electroniccommerce system according to the third example of the seventh embodimentof the present invention. As shown in FIG. 27, the computers 30, 20 and40 are connected with each other through the Internet. The computer 10is connected to the computers 40 and through relatively a secure line,such as a private line or a public telephone line, etc.

[0315] In the structure according to the third example of the seventhembodiment, the computer 30 sends the order table and the one-timecredit-card information sent form the computer 40, to the computerthrough the Internet N, in the step S110. The computer 20 sends theone-time credit-card information and the order table sent from thecomputer 30, to the computer 10 through a secure line, in the step S120,and asks for the payment for the ordered goods for the purchaser, in thestep S120. The computer 10 gets the actual credit-card information fromthe one-time credit-card information sent from the computer 20. Thecomputer 10 determines whether the settlement can be made based on theone-time credit-card information and the order table. Then, the computer10 sends this determination result to the computer 20 through a secureline, in the step S130. At the same time, the computer 10 creates newone-time credit-card information, and sends the newly-created one-timecredit-card information to the computer 40 through a secure line in thestep S140. The computer 40 sends the new one-time credit-cardinformation to the computer 30 through the Internet in the step S150.The computer 20 sends the determination result representing whether thesettlement can be made, to the computer 30 through the Internet in thestep S160. In the case where the settlement can be made, the computer 20carries out a delivery process for delivering the ordered goods.

[0316] Operations of the third example of the seventh embodiment of thepresent invention will now be described with reference to theaccompanying drawings.

[0317] With reference to FIG. 28, the computer 30 creates an ordermessage, by gathering not only the one-time credit-card information fromthe computer 40, but also the specified goods to be purchased, thenumber of the goods and any other information required by the seller(B31). Then, the computer 30 sends thus created order message to thecomputer 20 (B32-M31). Note that the one-time credit-card informationfor the first use is the same as that of the second example of theseventh embodiment of the present invention.

[0318] The computer 20 receives the order table sent from the computer(Step M31). After this, the computer 20 creates an examination-requestmessage, by gathering the sent one-time credit-card information and theinformation required by the credit-card issuer for examination (M32).Then, the computer 20 sends the created examination-request message tothe computer 10 through a secure line (M33-P31), so that the examinationas to whether the settlement (for the purchaser) can be made.

[0319] The computer 10 searches the one-time credit-card information forthe corresponding data, so as to acquire corresponding actualcredit-card information. The computer 10 examines whether the settlementcan be made, using the actual credit-card information and otherinformation sent from the computer 20. After this, the computer 10creates an yes/no message (P32), and sends the created yes/no message tothe computer 20 through a secure line (P33-M34).

[0320] In the case where the settlement can be made for the purchaser,the computer 10 sends the yes/no message to the computer 20, creates newone-time credit-card information. Having performed this, the computer 10updates the corresponding data of the one-time credit-card informationand the actual credit-card information which are registered in thecorresponding table (P34). At the same time, the computer 10 sends a newone-time credit-card information message including the created one-timecredit-card information, to the computer 40 through a secure line(P35-131).

[0321] In response to this, the computer 40 sends the one-timecredit-card information sent form the computer 10 to the computer 30through the Internet N.

[0322] In accordance with the examination result sent form the computer10, in the case where the payment can be made (for the purchaser), thecomputer 20 sends an order-reception message to the computer 30 throughthe Internet N (M36-B33), and carries out a delivery process foractually delivering the ordered goods (M37, M38-B35).

[0323] In the case where the yes/no message sent form the computerrepresents that the settlement can not be made for the purchaser, thecomputer 20 informs the computer 30 that the order can not successfullybe accepted through the Internet N (M36-B33).

[0324] In this example of the seventh embodiment of the presentinvention, the credit card has been employed. However, the example ofthis embodiment can be realized using any other deferred payment method,employing a cash card, a debit card, etc.

[0325] In FIG. 28, when sending information through the Internet, it ispreferred that the information be encrypted and flow over the Internet.

[0326] Further, in the step P34, in the case where the computer 10creates the one-time credit-card information, it is preferred that thethird party can not understand in which order the credit-cardinformation is created. Note, in this case, that the currently-usedone-time information should not be used.

[0327] In the example of this embodiment, the computer 10 and thecomputer 40 have separately been prepared. However, the computer 10 andthe computer 40 may be realized on the same computer.

[0328] Each of the order message, the examination-request message, theyes/no message, the order-reception message and the new one-timecredit-card information message is the same as that described in thesecond example of this embodiment.

[0329] As explained above, according to the seventh embodiment of thepresent invention, the electronic commerce can be realized, withoutletting others know the purchaser personal information including his/herdeferred payment method. Further, the seller can handle the businesstransactions while successfully been paid, without changing the existingequipment possessed by the seller.

[0330] According to the seventh embodiment of the present invention, thepurchaser can get the one-time information regarding the deferredpayment, only if needed. Hence, the purchaser does not need to gothrough an extra process for storing extra information. Further, thepersonal information of the purchaser can not easily be wiretapped bythe third party. Because the purchaser always has the one-timedeferred-payment information, he/she does not need to go through theprocess for particularly acquiring the information. Further, thesettlement agency creates and itself, at the same time, manages thecorresponding data of the one-time deferred-payment information and theactual deferred-payment information in association with each other.Hence, as compared to the case where the corresponding data is createdand managed by a plurality of computers, the corresponding data caneasily and securely be created and managed by the settlement agencyitself.

[0331] The present invention can be employed not only to the deferredpayment, using a credit card, etc., but also to an electronic commerce,wherein settlement is achieved using a cash card, debit card, etc.

[0332] For example, in the case where the immediate settlement isperformed using a debit card, etc., the computer 30 reads a cash card ofthe purchaser, and inputs a corresponding code number. The computer 30inputs the ordering data created by the computer 20, so as to providethe computer 10 with the ordering data, information regarding the cashcard of the purchaser and the corresponding code number thereof. Uponthis, the computer 10 can perform the immediate settlement. That is, apredetermined amount of money for the ordered product can be transferredfrom the purchaser's account to the seller's account. The computer 10sends information about completion of the settlement to the computer 20,while the cash card information and the code number is kept secret,thereby informing the seller that the settlement is completed. Then, theordered product can successfully be provided to the purchaser. In thisway, the cash card information and the code number are kept secret, sothat the computer 20 can not acquire such information. That is, theseller can not obtain the cash card information and the code number.Since the ordering data is created by the computer 20, the seller orsettlement agency can know whether the ordering data has been altered,and hence realizing a high level of security for the seller. In the datacommunications between each of the computers 10, 20 and 30, the messagedigest may be added to the data items to be transmitted, or the dataitems to be transmitted may be encrypted, and thus enhancing thesecurity of the immediate settlement. In the seventh embodiment, forexample, the purchaser computer 30 sends 10 the debit card number to thecard-information-issuing computer 40, and the card-information-issuingcomputer 40 generates one-time-debit-card number and corresponding dataassociating the original debit card number and the one-time-debit-cardnumber, and sends the generated one-time debit card number to thepurchaser computer 30 and the corresponding data to the settlementagency computer 10.

[0333] The apparatus and system of the present invention can be realizedby a general computer, without the need for a dedicated system. Aprogram and data for controlling a computer to execute theabove-described processes may be recorded on a medium (a floppy disk,CD-ROM, DVD or the like) and distributed, and the program may beinstalled into the computer and run on an OS (Operating System) toexecute the above-described processes, thereby achieving the system ofthe present invention. The above program and data may be stored in adisk device or the like in the server device on the Internet, andembedded in a carrier wave. The program and data embedded in the carrierwave may be downloaded into the computer so as to realize the system ofthe present invention.

[0334] Various embodiments and changes may be made thereonto withoutdeparting from the broad spirit and scope of the invention. Theabove-described embodiments are intended to illustrate the presentinvention, not to limit the scope of the present invention. The scope ofthe present invention is shown by the attached claims rather than theembodiments. Various modifications made within the meaning of anequivalent of the claims of the invention and within the claims are tobe regarded to be in the scope of the present invention.

[0335] This application is based on Japanese Patent Applications No.2001-069142 filed on Mar. 12, 2001 and No. 2001-148005 filed on May 17,2001 and including specification, claims, drawings and summary. Thedisclosure of the above Japanese Patent Applications is incorporatedherein by reference in its entirety.

What is claimed is:
 1. An electronic commerce system for dealing atleast one product, said system comprising a purchaser system, a sellersystem and a settlement system, and wherein said seller system createsordering data including purchaser information specifying at least onepurchaser and information specifying the at least one product to bepurchased, and sends the created ordering data to said purchaser systemthrough an electronic medium, said purchaser system attaches, to theordering data, purchaser ID (identification) information which has beenprovided from a settlement agency to said at least one purchaser inadvance, and sends the ordering data with the purchaser ID informationattached thereto to said settlement system through an electronic medium,and said settlement system determines whether to pay a predeterminedamount of money for the at least one product to a seller for said atleast one purchaser, based on the ordering data and purchaser IDinformation sent from said purchaser system, and sends informationspecifying the at least one purchaser and the product to be purchasedand also settlement permission information representing to said sellersystem through an electronic medium.
 2. An electronic commerce devicecomprising: a communications unit which sends and receives data to andfrom another electronic commerce device; a payment determiner whichreceives ordering data including price information representing a priceof at least one product to be purchased and personal informationincluding purchaser ID (identification) information which has been givenin advance to at least one purchaser, from a purchaser terminal used bysaid at least one purchaser of the at least one product through saidcommunications unit, and determines whether to pay for the at least oneproduct to a seller for the at least one purchaser based on the receivedordering data and personal information; and a settlement-informationcreator which creates settlement permission information, in a case wheresaid payment determiner determines to pay for the at least one productto said seller for the at least one purchaser, and sends the settlementpermission information to a seller terminal used by the seller throughsaid communications unit while the personal information of the at leastone purchaser is kept secret from the seller.
 3. The electronic commercedevice according to claim 2, wherein said settlement-information creatorencrypts the settlement permission information and sends the encryptedsettlement permission information to the seller terminal through saidcommunications unit.
 4. The electronic commerce device according toclaim 3, wherein said settlement-information creator sends the orderingdata together with the settlement permission information, to the sellerterminal through said communications unit.
 5. The electronic commercedevice according to claim 2, wherein said settlement-information creatorcreates a digest of target data to be sent to the seller terminal,attaches the created digest to the target data, and sends the targetdata with the digest attached thereto, to the seller terminal.
 6. Theelectronic commerce device according to claim S, further comprising adeterminer which: creates a digest of the ordering data and a digest ofthe personal information, in a case where said determiner receives theordering data, the personal information, a digest of the ordering dataand a digest of the personal information, compares the received digestswith the generated digests, respectively, and determines validity of thereceived ordering data and personal information, based on a result ofthe comparison.
 7. The electronic commerce device according to claim 5,wherein said payment determiner: receives the ordering data from theseller terminal through said communications unit in advance; andcompares, in a case where said payment determiner receives the orderingdata and the purchaser ID information from the purchaser terminalthrough said communications unit, the ordering data received in advanceand the ordering data received at this time, determines whether theordering data received at this time has been altered, and determineswhether to pay for the product to the seller for the purchaser based onthe price information representing the price of the at least one productand the purchaser ID information, in a case where it is determined thatthe ordering received at this time has not been altered.
 8. Anelectronic commerce device comprising: an ordering-data creator whichcreates ordering data including price information of at least oneproduct that at least one purchaser wants to purchase, in a case whereinformation representing the at least one product has been input; arecorder which writes the ordering data onto a recording medium, toprovide a purchaser terminal used by at least one purchaser with theordering data; and a receiver which receives settlement permissioninformation and provides a seller to be providing the at least oneproduct with the received settlement permission information, in a casewhere it is determined that the settlement agency is to pay for the atleast one product and in a case where an agency terminal used by asettlement agency outputs the settlement permission information, basedon data communications performed between the purchaser terminal whichreads the ordering data written onto the recording medium and the agencyterminal used by the settlement agency which may pay for the at leastone product for the purchaser.
 9. The electronic commerce deviceaccording to claim 8, wherein: said ordering-data creator creates adigest of the ordering data; and said recorder writes the ordering dataand the digest of the ordering data onto said recording medium.
 10. Anelectronic commerce device comprising: an ordering-data creator whichcreates ordering data including price information of at least oneproduct that at least one purchaser desires to purchase, in a case whereproduct information representing the at least one product is input; asender which sends the ordering data to a purchaser terminal used by theat least one purchaser; and a receiver which receives settlementpermission information and provides a seller to be providing the atleast one product with the received settlement permission information,in a case where it is determined that a settlement agency is to pay forthe at least one product and a settlement terminal used by thesettlement agency outputs the settlement permission information, basedon data communications performed between a purchaser terminal used bythe at least one purchaser and the settlement terminal used by thesettlement agency to be paying for the at least one product.
 11. Theelectronic commerce device according to claim 10, wherein: saidordering-data creator creates the ordering data and a digest of theordering data; and said sender sends the ordering data and the messagedigest to said purchaser terminal.
 12. An electronic commerce devicecomprising: an input unit which inputs ordering data, which is createdby a seller terminal used by a seller to be providing at least oneproduct and which includes price information of the at least one productthat at least one purchaser desires to purchase, and personalinformation including purchaser ID (identification) information whichhas been given in advance to the at least one purchaser; and asettlement-request-message sender which creates a settlement requestmessage including the personal information and the ordering data, sendsthe created settlement request message to a settlement terminal used bya settlement agency which may pay the at least one product to a sellerfor the purchaser, instructs said settlement terminal to determinewhether to pay for the at least one product for the purchaser, andinstructs said settlement terminal to send settlement permissioninformation to said seller terminal while the personal information iskept secret from the seller, in a case where it is determined to pay forthe at least one product for the purchaser.
 13. The electronic commercedevice according to claim 12, wherein said settlement-request-messagesender creates a digest of the personal information and a digest of theordering data, affixes created digests respectively to the personalinformation and ordering data, and sends the personal information andordering data with the digests affixed thereto to the settlementterminal.
 14. An electronic commerce device comprising: an ordering-datacreator which creates ordering data including price information of atleast one product that at least one purchaser desires to purchase, in acase where the at least one purchaser inputs product information of theat least one product; an ordering-data provider which sends the orderingdata to a purchaser terminal, which is used by the at least onepurchaser and affixes personal information including purchaser ID(identification) information provided to the at least one purchaser inadvance; and a reception processor which receives data items includingsettlement permission information representing that the at least oneproduct is to be paid for the purchaser, and provides the settlementpermission information a seller of the at least one product, in a casewhere the data items are sent form a settlement terminal used by asettlement agency to be paying for the at least one product for thepurchaser, as a result that the ordering data is provided to thepurchaser terminal.
 15. The electronic commerce device according toclaim 14, wherein: said ordering-data creator creates a digest of theordering data; and said ordering-data provider affixes the createddigest to the ordering data, and provides the ordering data with thedigest affixed thereto to the purchaser terminal.
 16. The electroniccommerce device according to claim 14, wherein said ordering-dataprovider provides the settlement terminal with the ordering data.
 17. Anelectronic commerce system, said system comprising a purchaser system, aseller system, a payment agency system and an ID (identification)information issuing system, and wherein a payment agency provides atleast one purchaser of at least one product with credit information andID information corresponding to the at least one purchaser; saidpurchaser system sends ID information to said ID information issuingsystem, and requests said ID information issuing system for one-time IDinformation, and sends the one-time ID information provided from the IDinformation issuing system to the seller system; said ID informationissuing system issues one-time identification information, in responseto a request from said purchaser system, provides correspondinginformation representing the one-time ID information and the IDinformation in association with each other to said payment agencysystem; said seller system sends the one-time ID information sent fromsaid purchaser system to said payment agency system, so as to requestsaid payment agency system to pay for the at least one product for theat least one purchaser; and said payment agency system determines IDinformation of the at least one purchaser based on the one-time IDinformation sent from the seller system, determines whether to pay forthe at least one product based on the determined ID information, andsends a result of the determination to the seller system.
 18. Theelectronic commerce system according to claim 17, wherein: said paymentagency system sends the used one-time ID information to said IDinformation issuing system; and said payment agency system and saidone-time ID information issuing system discards correspondinginformation, in a case where the one-time ID information is used. 19.The electronic commerce system according to claim 17, wherein saidpayment agency system and said ID-information issuing system areincluded in a same system.
 20. A one-time ID (identification)information issuing system to be used in a transaction wherein: aone-time ID information is issued to a person who is assigned IDinformation for payment previously from a payment agency; the issuedone-time ID information is sent to the parson and the payment agency;the person sends the issued one-time ID information to a seller in abusiness transaction; the seller sends the one-time ID information ofthe person to a payment agency; the payment agency obtains original IDinformation for payment of the person based on the sent one-time IDinformation and determines whether to pay to the seller for the businesstransaction based on the obtained original ID information for payment,and pays to the seller for the business transaction, in a case where itis determined to pay for the business transaction, said one-time IDinformation issuing system comprising: storage means for storing IDinformation for payment previously assigned to a user, and one-time IDinformation providing means for issuing the one-time ID informationtoward the user in response to a request, having ID information attachedthereto and being sent from a terminal of the user, providing theone-time ID information to the user, and providing a payment agencysystem with corresponding information representing the one-time IDinformation and the ID information in association with each other. 21.The one-time ID information issuing system according to claim 20,further comprising: one-time ID-information storage means for storingthe issued one-time ID information; one-time storage means for storingthe ID information of the contractor; prohibition means for prohibitingto assign the user the one-time ID information stored in said one-timestorage means; and means for deleting the one-time ID information storedin said one-time storage means, in a case where the one-time IDinformation is used by the payment agency system and said payment agencysystem informs that the one-time ID information has been used.
 22. Apurchaser system to be used by a purchaser and to be used in atransaction wherein: a one-time ID information is issued to a person whois assigned ID information for payment previously from a payment agency;the issued one-time ID information is sent to the person and the paymentagency; the person sends the issued one-time ID information to a sellerin a business transaction; the seller sends the one-time ID informationof the person to a payment agency; the payment agency obtains originalID information for payment of the person based on the sent one-time IDinformation and determines whether to pay to the seller for the businesstransaction based on the obtained original ID information for payment,and pays to the seller for the business transaction, in a case where itis determined to pay for the business transaction, and said purchasersystem comprising: means for providing ID information for payment,previously assigned to a user, and for requesting one-time IDinformation issuing means for issuing one-time ID information to issueone-time ID information; and means for providing the issued one-time IDinformation, and request a system to be used by a seller to provide atleast one product to be sold.
 23. A seller system to be used by a sellerand to be used in a transaction wherein; a one-time ID information isissued to a person who is assigned ID information for payment previouslyfrom a payment agency; the issued one-time ID information is sent to theparson and the payment agency; the person sends the issued one-time IDinformation to a seller in a business transaction; the seller sends theone-time ID information of the person to a payment agency; the paymentagency obtains original ID information for payment of the person basedon the sent one-time ID information and determines whether to pay to theseller for the business transaction based on the obtained original IDinformation for payment, and pays to the seller for the businesstransaction, in a case where it is determined to pay for the businesstransaction, said seller system comprising: means for receiving one-timeID information sent from a purchaser who desires to purchase at leastone product in the business transaction, and providing the receivedone-time ID information to payment agency means; and means for issuing apayment permit, upon reception of information representing that paymentcan be made for the purchaser from the payment agency.
 24. A purchasersystem to be used by a seller and to be used in a transaction wherein: aone-time ID information is issued to a person who is assigned IDinformation for payment previously from a payment agency; the issuedone-time ID information is sent to the person and the payment agency;the person sends the issued one-time ID information to a seller in abusiness transaction; the seller sends the one-time ID information ofthe person to a payment agency; the payment agency obtains original IDinformation for payment of the person based on the sent one-time IDinformation and determines whether to pay to the seller for the businesstransaction based on the obtained original ID information for payment,and pays to the seller for the business transaction, in a case where itis determined to pay for the business transaction, said seller systemcomprising requesting means for requesting the payment agency to send IDinformation which is provided in advance together with credit forpayment to be made, and to affix the one-time ID information to the IDinformation: means for receiving the one-time ID information providedfrom said payment agency; and means for providing the one-time IDinformation and making an order for at least one product in the businesstransaction.
 25. A payment agency system to be used by a payment agencyand to be used in a transaction wherein: a one-time ID information isissued to a person who is assigned ID information for payment previouslyfrom a payment agency; the issued one-time ID information is sent to theperson and the payment agency; the person sends the issued one-time IDinformation to a seller in a business transaction; the seller sends theone-time ID information of the person to a payment agency; the paymentagency obtains original ID information for payment of the person basedon the sent one-time ID information and determines whether to pay to theseller for the business transaction based on the obtained original IDinformation for payment, and pays to the seller for the businesstransaction, in a case where it is determined to pay for the businesstransaction, said payment agency system comprising: storage means forstoring the ID information and given-credit information of a user inassociation with each other; means for receiving and storing informationassociating the ID information and the one time ID information with eachother; and determination means for receiving the one-time ID informationand price information regarding a price of at least one product in thebusiness transaction, from a seller system, discriminating IDinformation from the received one-time ID information, and determiningwhether currently-requested payment can be made based on given-creditinformation corresponding to the discriminated ID Information; and meansfor sending a result of the determination performed by saiddetermination means to said seller system.
 26. An electronic commercemethod comprising: an ordering-data receiving process of receivingordering data including price information representing a price of atarget product to be purchased and personal information including IDinformation which has previously been given to at least one purchaserfor sales, via a network; a payment determination process of determiningwhether to pay the price of the target product to a seller, based on theprice information included in the received ordering data and purchaserID Information included in the received personal information; and asettlement-permission information sending process of sending, in a casewhere it is determined at said determining step to pay the price of thetarget product for the at least one purchaser, settlement permissioninformation representing that it is determined to pay the price for thepurchaser to the seller through a network, while the ID information issecret from the seller.
 27. The electronic commerce method according toclaim 26, wherein the ordering data is generated by a seller terminalused by the seller, transmitted to a purchaser terminal used by the atleast one purchaser via an electronic medium, and the personalinformation is added to the ordering data by the purchaser terminal. 28.The electronic commerce method according to claim 26, further comprisingthe process of downloading, into the purchaser terminal, a program foradding the personal information to the ordering data provided from theseller terminal, every time the at least one purchaser makes an orderfor the at least one product, and wherein said ordering-data receivingprocess receives data items including the personal information which hasbeen added to the ordering data in accordance with the programdownloaded into the purchaser terminal.
 29. The electronic commercemethod according to claim 26, wherein a first message digest is formedfrom the ordering data in a shorter form than the ordering data, usingthe seller terminal, the created first message digest is added to theordering data, and the ordering data with the first message digest addedthereto is sent to the purchaser terminal, and said receiving processreceives data items, including the ordering data sent by the seller andthe first message digest, to which the personal information is added,from the purchaser terminal, and said settlement information sendingprocess sends data items, including the settlement permissioninformation, the ordering data and the first message digest, to theseller terminal, in a case where to send the settlement permissioninformation to the seller terminal.
 30. The electronic commerce methodaccording to claim 29, further comprising a determination process of:acquiring a first forming technique employed for forming the firstmessage digest in a shorter form than the ordering data, beforeperforming at least said payment determination process; comparing theordering data received from the purchaser terminal with the firstmessage digest, using the acquired first generation technique; anddetermining validity of the ordering data.
 31. The electronic commercemethod according to claim 29, wherein: a second message digest is formedfrom data items including the ordering data, the personal informationand the first message digest, by the purchaser terminal; and saidreceiving process receives the data items, including the first messagedigest, the ordering data and the personal information, to which thesecond message digest is added.
 32. The electronic commerce methodaccording to claim 31, further comprising a determination process of:acquiring a second forming technique employed for forming the secondmessage digest in a shorter form than the data items by the purchaserterminal, before performing at least the payment determination process;comparing, using the acquired second forming technique, the orderingdata received form the purchaser terminal, the personal information, thefirst message digest, and the second message digest; and determiningvalidity of the ordering data.
 33. The electronic commerce methodaccording to claim
 26. wherein said settlement-information sendingprocess: generates a third message digest from data items including thesettlement permission information and the ordering data, in a shorterform than the data items; and sending the data items including the thirdmessage digest, the settlement permission information and the orderingdata to the seller terminal.
 34. The electronic commerce methodaccording to claim 33, further comprising a sharing process ofcontrolling the seller terminal to use the third forming technique usedfor forming the third message digest, in order to control the sellerterminal to compare the third message digest with the data itemsincluding the settlement permission information and the ordering data.35. The electronic commerce method according to claim 31, wherein saidsettlement-information sending process: forms a third message digestfrom data items including the settlement permission information, theordering data and the first message digest in a shorter form than thedata items; and sending data items including the third message digest,the settlement permission information, the ordering data and the firstmessage digest to the seller terminal.
 36. The electronic commercemethod according to claim 35, further comprising a sharing process ofcontrolling the seller terminal to use the third forming techniqueemployed for generating the third message digest, in order to controlthe seller terminal to compare the third message digest with the dataitems including the settlement permission information, the ordering dataand the first message digest.
 37. The electronic commerce methodaccording to claim 36, further comprising a sending process of sendingthe ordering data and order-reception information representing that anorder for the at least one product has been received, to the purchaserterminal from the seller terminal, in a case where it is determined topay at said payment determination process and the ordering data and thesettlement permission information are sent to the seller terminal. 38.The electronic commerce method according to claim 37, wherein: a fourthmessage digest is formed from data items including the order-receptioninformation and the ordering data, in a shorter form than the dataitems, by the seller terminal; and data items including the fourthmessage digest, the order-reception information and the ordering dataare sent to the purchaser terminal from the seller terminal.
 39. Theelectronic commerce method according to claim 38, wherein a fourthforming technique, employed by the seller terminal for forming thefourth message digest, is shared between the seller terminal and thepurchaser terminal.
 40. An electronic commerce method comprising: anordering-data acquiring process of acquiring, from a seller terminalused by a seller, ordering data including price information, whichrepresents a price of a product, and is generated and stored by theseller terminal; a receiving process of receiving, as asettlement-request message, the ordering data and personal informationincluding purchaser ID information which has previously been given forsales, from a purchaser terminal used by at least one purchaser; adetermination process of comparing the ordering data received at saidreceiving process and the ordering data received at said ordering-dataacquiring process, and determining whether the ordering data received atsaid receiving process has been altered, before the product is providedto the at least one purchaser; a payment determination process ofdetermining whether to pay for the product to the seller for the atleast one purchaser, based on the price information included in theordering data and the purchaser ID information included in the personalinformation, in a case where it is determined that the ordering datareceived at said receiving process has not been altered at saiddetermination process; and a settlement-information sending process ofsending the settlement permission information representing that thepayment can be made for the at least one purchaser and the ordering datato the seller terminal, while the personal information is kept secretfrom the seller, in a case where it is determined to pay the price ofthe product for the purchaser at said payment determination process. 41.The electronic commerce method according to claim 40, wherein, at saidpayment determination process, it is determined to pay the price of theproduct to the seller for the at least one purchaser, based on the priceinformation included in the ordering data and the purchaser IDinformation included in the personal information, in a case where it isdetermined that the ordering data received at said receiving process hasnot been altered at said determination process.
 42. The electroniccommerce method according to claim 41, wherein, at said paymentdetermination process, it is determined not to pay for the product tothe seller for the at least one purchaser, in a case where it isdetermined that the ordering data has been altered at said determinationprocess.
 43. The electronic commerce method according to claim 40,wherein: said ordering-data acquiring process generates specificationinformation uniquely specifying a combination of the ordering data andthe seller in association with each other, and sends the generatedspecification information to the seller terminal; and said receivingprocess receives the specification information.
 44. An electroniccommerce method using a deferred payment method for making payment forat least one product, and said electronic commerce method comprising thesteps of: requesting a seller system to pay for a product to bepurchased, using one-time deferred-payment information issued by asettlement agency system or a deferred-payment information issuersystem; requesting said settlement agency system to pay for the productbased on the one-time deferred-payment information; and paying for theproduct for a purchaser of the product based on deferred-paymentinformation of the purchaser which corresponds to the one-time deferredpayment information.
 45. The electronic commerce method according toclaim 44, further comprising the steps of: requesting the settlementagency system or deferred-payment information issuer system to providethe one-time deferred-payment information, using a message includingspecification information specifying the purchaser; issuing the one-timedeferred-payment information to a purchaser terminal of the purchaser inaccordance with the message.
 46. The electronic commerce methodaccording to claim 44, further comprising the steps of: informing saiddeferred-payment information issuer system that the one-timedeferred-payment information has been used; and issuing newdeferred-payment information toward said purchaser terminal.
 47. Theelectronic commerce method according to claim 44, further comprising thestep of setting the deferred-payment information and the one-timedeferred-payment information in association with each other, in a casewhere said deferred-payment information issuer system issues theone-time deferred-payment information.
 48. The electronic commercemethod according to claim 44, further comprising the steps of:generating new deferred-payment information and sending the generatednew deferred-payment information to the purchaser, in a case where theone-time deferred-payment information is used; and setting the one-timedeferred-payment information which is generated at said generating andthe deferred-payment information in association with each other.
 49. Theelectronic commerce method according to claim 44, further comprising thestep of deleting the one-time deferred-payment information which hasbeen used and corresponding to the deferred-payment information inassociation with each other.
 50. The electronic commerce methodaccording to claim 44, wherein the deferred-payment information or theone-time deferred-payment information is encrypted and transmitted amongsaid purchaser terminal, said seller system, said settlement agencysystem and said deferred-payment information issuer system.
 51. Theelectronic commerce method according to claim 44, wherein saidsettlement agency system and said deferred-payment information issuersystem are included in a same system.
 52. A method for realizing asettlement agency system in an electronic commerce method employing adeferred payment technique, for paying a price of at least one productto be purchased by at least one purchaser, and said method comprisingthe steps of: receiving, from a seller system, a request for paying forthe at least one product based on one-time deferred-payment informationissued to the at least one purchaser; and paying for the at least oneproduct for the at least one purchaser, based on the deferred-paymentinformation of the at least one purchaser corresponding to the one-timedeferred-payment information.
 53. A method of issuing one-timedeferred-payment information, and used by a deferred-payment informationissuer system in an electronic commerce, employing a deferred-paymenttechnique for paying for at least one product, and said methodcomprising the steps of: issuing new one-time deferred-paymentinformation to a purchaser terminal at least one purchaser, in a casewhere the one-time deferred-payment information is requested using amessage including specification information specifying the at least onepurchaser from the purchaser terminal, or in a case where a settlementagency system informs that the one-time deferred-payment information hasbeen used; and sending, to said settlement agency system, the one-timedeferred-payment information issued at said issuing step and thedeferred-payment information in association with each other.
 54. Asettlement-request method used by a seller system in an electroniccommerce method employing a deferred-payment technique for paying for atleast one product for at least one purchaser, and saidsettlement-request method comprising the steps of: receiving a request,from a purchaser terminal used by at least one purchaser, for paying forthe at least one product for the at least one purchaser, based onone-time deferred-payment information issued to the at least onepurchaser; and requesting a settlement agency system to pay for the atleast one product for the at least one purchaser, based on the one-timedeferred-payment information.
 55. A computer program, computer programproduct, data signal embodied in a carrier wave, or program signalembodied in a carrier wave which controls a computer as at least one ofsaid purchaser system, said seller system and said settlement systemdefined in claim 1.